Crystal River 3 nuclear power plant/CC BY-SA 2.0 6 Things to Know about the 2020 Cyberattack and Nuclear Power Plants Ed Lyman, Director of Nuclear Power Safety, Climate & Energy | December 18, 2020, 5:56 pm EDT News reports over the last day indicate that a massive and devastating cyberattack on US government agencies and private companies in the United States and abroad has occurred, and UCS will be watching as this news develops. While the scope of the cyberattack is still far from clear, here are some facts to consider regarding how the hack may have impacted US nuclear energy infrastructure. So far there have been no reports that the Nuclear Regulatory Commission (NRC), the agency that oversees the safety and security of US nuclear power plants, or any nuclear plants themselves, have been affected. The NRC once had a contract with SolarWinds, whose Orion software has been identified as a major vector of the attack, but apparently terminated it in 2011. However, the US Cybersecurity and Infrastructure Agency reported that Orion was not the only attack vector.