By Noelle Camp[1] The threat presented by the malicious insider has captured the public imagination. Fictional insiders have permeated pop culture, from the Secret Service agent-turned plane hijacker in Air Force One to Jurassic Park computer programmer and intellectual property thief Dennis Nedry. Real-life insiders, such as Edward Snowden, Christopher Boyce, and Robert Hanssen, have had their crimes recounted and backstories and motivations dissected between the pages of books and on the big screen. The nuclear industry is not immune from the threat of insider activity. In fact, the stakes for effective insider mitigation in the nuclear industry are enormously high. Insider threat professionals in the nuclear industry must grapple with the potential for theft or sabotage of nuclear materials that could result in catastrophic radiological release.[2] Insider events may also result in considerable economic or reputational losses for nuclear facilities – for example, nuclear thief David Learned Dale cost GE Nuclear Power Plant nearly $1 million in lost revenue[3], while the actions of saboteur Rodney Wilkinson delayed the commissioning of the Koeberg plant in South Africa by 18 months at an estimated cost of 500 million South African Rand. The nuclear industry should demonstrate the same enthusiasm for consuming insider cases as the American public has – not only because these cases are a fascinating glimpse into the human psyche, but because they offer important lessons learned for effectively mitigating the insider threat. The case of Russian engineer Leonid Smirnov provides an example of a classic historical insider threat case with implications for the contemporary practice of insider threat mitigation at nuclear facilities. The Case of Leonid Smirnov[4] Leonid Smirnov, a chemical engineer, served as a loyal employee of the Luch Scientific Production Association in the Soviet Union for more than 25 years. His responsibilities included weighing, accounting, and dispensing highly enriched uranium (HEU) to research teams in support of the facility’s mission to conduct research on experimental reactors using HEU fuel. The collapse of the Soviet Union in 1991 drastically altered Smirnov’s circumstances. Russia’s crumbling economy and sudden lack of need for a vast nuclear enterprise left workers in the nuclear complex in an uncertain situation. Guards at nuclear weapons facilities went unpaid for months at a time, compromising physical security measures. Employees including Smirnov suffered from hyperinflation and reduced wages. Grappling with increasingly desperate economic circumstances, Smirnov turned to nuclear theft. Over the course of several months, he began removing small quantities of HEU in the form of uranium dioxide powder while colleagues were out of the room. In total, Smirnov collected nearly 1.5 kg of HEU, which he stored in a lead container on his balcony. The theft of special nuclear material went entirely unnoticed by the facility until Smirnov was found to have HEU on his person during an unrelated encounter with police. After serving three years of probation, Smirnov became an advocate for nuclear security and spoke publicly about the case, including his methods and motives. Lessons for Contemporary Nuclear Security Practitioners The Smirnov case offers several important lessons for nuclear security practitioners. First, even loyal employees may be susceptible to engaging in insider acts under the right circumstances. As a well-respected veteran employee, Smirnov was unlikely to fall under suspicion of engaging in malicious activity. Moreover, it is unlikely Smirnov would have engaged in nuclear theft without the tumultuous economic circumstances brought on by the fall of the Soviet Union. In an interview, Smirnov reflected on his financial desperation, saying, “I don’t have expensive tastes, you know, but I was at a loss. I could buy nothing–no furniture, no clothing, nothing. So, I simply panicked.” He told investigators after his arrest that he planned to use the money earned from selling the material to buy a new stove and refrigerator. The Smirnov case demonstrates that national-level political and economic events may influence motivations for insider activity. Building and maintaining a robust facility security culture can help to ensure suspicious incidents are reported even in the midst of tumultuous social or economic conditions. This case also provides an example of how insiders may engage in theft over the long-term to better evade suspicion. Smirnov conducted 25-30 diversions of small amounts of uranium over the course of several months, using a 50-gram glass vial to collect the material. During this time, Smirnov also continued to carry out his normal duties at the facility. While abrupt theft of a large amount of material would likely have raised the suspicion of facility workers, Smirnov’s protracted theft of small amounts of HEU allowed him to accumulate more than 1 kg of material over the long-term without alerting his colleagues. The Smirnov case shows how poor security procedures, such as inadequate nuclear material quality control (e.g., inventory monitoring), can enable theft of special nuclear material. Nuclear materials quality control is based in monitoring the difference between beginning and ending inventory and is used to ensure nuclear material has not been diverted. It is not expected that the beginning inventory and ending inventory of nuclear material will necessarily be equal – instead, there is an expectation of some natural loss, as material may accumulate in piping, ducts, or other process equipment.[5] From a quality control perspective, this material is considered irretrievable loss for the facility. In the Smirnov case, the irretrievable loss limit for the facility was set unusually high at 3% of the facility’s nuclear material. In total, Smirnov siphoned off 1.5 kg of HEU, representing only 1% of the facility’s material. As a result of these poor nuclear material quality control practices, facility management did not realize any material had been taken. The IAEA recommends setting limits for irretrievable losses to address diversion and proliferation concerns based on the amount of material required to develop a nuclear weapon.[6] Security practitioners may wish to set similar limits to detect much smaller levels of irretrievable loss to mitigate potential theft of nuclear material. For security professionals, even a few grams in the hands of a terrorist or extremist group may constitute an unacceptable risk to public health, and consequently the acceptable irretrievable loss may be lower. From the details in this case, a two-person rule, more robust security culture, and stronger physical security measures[7] would likely have aided in detection or even prevented the theft entirely. Smirnov was permitted to work with the HEU completely alone, an arrangement his colleagues never questioned. The facility had no remote surveillance measures in place, radiation monitors, or security checks entering or exiting the facility, allowing Smirnov to successfully carry the HEU out of the facility on his person. Case studies such as the Leonid Smirnov case represent a powerful tool for nuclear security professionals, providing insight into insider motivations, methods, and mitigation measures. A stronger understanding of historical insider incidents can prevent the nuclear industry from repeating the mistakes of the past. Study and analysis of past incidents, as well as enhanced information sharing between industry professionals on cases occurring in the present-day, will ensure that insider incidents are relegated to Hollywood blockbusters. [1] SAND2021-7341 O – Sandia National Laboratories is a multimission laboratory managed and operated by National Technology and Engineering Solutions of Sandia, LLC, a wholly owned subsidiary of Honeywell International Inc., for the U.S. Department of Energy’s National Nuclear Security Administration under contract DE-NA0003525. [2] International Atomic Energy Agency, Preventive and Protective Measures against Insider Threat: Implementing Guide, Security Series No. 8 (Vienna: IAEA, 2008), Foreword. [3] Noah Gale Pope and Christopher Hobbs. 2015. Insider Threat Case Studies at Radiological and Nuclear Facilities. Technical Report No. LA-UR-15-22642. Los Alamos National Laboratories and King’s College London, 22. [4] More information on the Leonid Smirnov case, including a profile of Smirnov and incident timeline, can be found in the Los Alamos National Laboratories and King’s College London report: Noah Gale Pope and Christopher Hobbs. 2015. Insider Threat Case Studies at Radiological and Nuclear Facilities. Technical Report No. LA-UR-15-22642. Los Alamos National Laboratories and King’s College London. [5] International Atomic Energy Agency, Establishing a System for Control of Nuclear Material for Nuclear Security Purposes at a Facility during Use, Storage, and Movement, Security Series No. 32-T (Vienna: IAEA, 2019), 27. [6] International Atomic Energy Agency, Nuclear Material Accounting Handbook, Services Series No. 15 (Vienna: IAEA, 2008), 2. [7] Implementation of a two-person rule and physical security measures, as well as building and maintaining a strong security culture, are all featured in the IAEA’s recommendations for insider threat mitigation: International Atomic Energy Agency, Preventive and Protective Measures against Insider Threat: Implementing Guide, Security Series No. 8 (Vienna: IAEA, 2008).