Wrong.
See below findings.
Note - Hackers also get into ICS crucial server sys admin accounts via wireless SCADA system network vulnerabilities, or service vendor maintenance dial-up lines or FTP services.
Unheeded cybersecurity threat leaves nuclear power stations open ...
https://phys.org/news/2015-10-unheeded-cybersecurity-threat-nuclear-power.html Proxy Highlight
Oct 19, 2015 ... The report also found that power plants rarely employ an “air gap” (where ... in nuclear power plants were designed in an era before the internet ...
Researchers Hack Air-Gapped Computer With Simple Cell Phone ...
https://www.wired.com/2015/07/researchers-hack-air-ga... Proxy Highlight
Jul 27, 2015 ... The most sensitive work environments, like nuclear power plants, ... Usually this is achieved by air-gapping computers from the Internet and ...
If there is solid proof of this, then inform the NRC. All nuclear plants are to be digitally secured under Code of Federal Regulations, 10CFR73.54. This is a public document, available to anyone.
Any plant found with a vulnerability would be subject to fines and shutdown.