Hackers Targeting Nuclear Facilities Are Suspected to Be Russian

The New York Times reports that unidentified hackers are going after the networks of companies responsible for operating nuclear power plants in the U.S.

WASHINGTON — Computer hackers have been targeting nuclear power plants in the United States and other countries, the New York Times reports.

The Times cited security consultants and a so-called urgent joint report issued by the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) last week.

The DHS and FBI said they are aware of a potential intrusion in the energy sector. The alert issued to utilities cited activities by hackers since May.

The joint report was obtained by The Times and confirmed by security specialists who have been responding to the attacks. It carried an urgent amber warning, the second-highest rating for the sensitivity of the threat.

“There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,” the government agencies said in a joint statement.

The Department of Energy also said the impact appears limited to administrative and business networks and said it was working with utilities and grid operators to enhance security and resilience.

The report did not indicate whether the cyberattacks were an attempt at stealing industrial secrets or part of a plan to cause destruction, The Times reported.

Among the companies targeted was the Wolf Creek Nuclear Operating Corp., which runs a nuclear power plant near Burlington, Kan.

Wolf Creek officials told The Times that while they could not comment on cyberattacks or security issues, no “operations systems” were affected and that their corporate network and the internet were separate from the network that runs the plant.

None of the 99 electric utilities that operate nuclear plants in the U.S. have reported that the security of their operations has been affected by the latest attacks, John Keeley, a spokesman for the Nuclear Energy Institute, told The Times.

Sources familiar with the investigation told The Times the hackers’ techniques imitated those of an organization known as “Energetic Bear,” a Russian hacking group that cybersecurity specialists have tied to attacks on the energy sector since at least 2012.

Hackers wrote highly targeted email messages containing fake résumés for control engineering jobs and sent them to the senior industrial control engineers who maintain broad access to critical industrial control systems, the government report said.

The fake résumés were Microsoft Word documents that were laced with malicious code. Once the recipients clicked on those documents, attackers could steal their credentials and proceed to other machines on a network.

If you enjoyed this article and want to receive more valuable industry content like this, click here to sign up for our FREE digital newsletters!

Security Is Our Business, Too

For professionals who recommend, buy and install all types of electronic security equipment, a free subscription to Commercial Integrator + Security Sales & Integration is like having a consultant on call. You’ll find an ideal balance of technology and business coverage, with installation tips and techniques for products and updates on how to add to your bottom line.

A FREE subscription to the top resource for security and integration industry will prove to be invaluable.

Subscribe Today!

Leave a Reply

Your email address will not be published. Required fields are marked *

Get Our Newsletters