Russians Prime Suspects in Cyberattacks Targeting US Nuclear Plants

Glen Mclaughlin
July 8, 2017

The DHS and Federal Bureau of Investigation acknowledged the incidents in a statement Thursday but said "any potential impact appears to be limited to administrative and business networks".

As for attribution, current and former U.S. officials told Bloomberg that Russia is the chief suspect: "The possibility of a Russia connection is particularly worrisome, former and current officials say, because Russian hackers have previously taken down parts of the electrical grid in Ukraine and appear to be testing increasingly advanced tools to disrupt power supplies". The report also indicated that the cyberattacks bore similarities to tactics used by Energetic Bear, a hacking group identified in 2012 as originating in the Russian Federation.

Both stories go into tremendous detail about how the attacks were pulled off, but the New York Times story in particular featured an odd little anecdote that stood out in the context of reading about "nuclear plants" and "hacking".

Security officials warned that hackers appeared to be mapping out computer networks and searching for vulnerabilities to eventually disrupt the country's electrical grid and power supply, Bloomberg reported. It did say an "advanced persistent threat" actor was responsible, which suggests U.S. officials believe the hackers are backed by a foreign government.

Cyberattacks from a foreign government recently breached a dozen or more US power plants, including conventional and nuclear generators, multiple media outlets report.

Reuters said that the DHS and FBI's warning noted that hackers were sending phishing e-mails to plant employees in an attempt to "harvest credentials" that could be used to access their company's computer networks.

A recent report suggests that hackers have been sending malicious emails to nuclear engineers in an attempt to break into their IT systems. Over the past few years, cybercriminals have developed customised malware variants such as Industroyer and Irongate, which specifically target nuclear control systems.

"There has been absolutely no operational impact to Wolf Creek", Jenny Hageman, a spokeswoman for the nuclear plant, said in a statement to BuzzFeed News.

Russian government-sponsored hackers are suspected of being behind the penetration of computer systems at several US nuclear power plants. Importantly, however, no attacks successfully penetrated plants' operational controls, and many were directed at corporate systems often unconnected.

Authorities said in the report that they are not sure how many plants were breached.
