July 11, 2017
Hackers have been targeting the operations of several nuclear plants in the US. According to a joint report issued by Department of Homeland Security and the FBI, unidentified groups of hackers have been the network of companies that operate nuclear power plants in the country. According to a story by the New York Times, one of the companies targeted was the Wolf Creek Nuclear Operating Corporation, a facility responsible for overseeing the operation of a nuclear power plant outside Burlington, Kansas.
“There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,” read the report. The report also states that both energy companies and manufacturing plants were being targeted for the last two months. Although apart from Wolf Creek, none have been named.
The severity of the attacks and the direct impact has been unclear, as well as the motive for the attack. But insider’s suspect that the attack may have been to disrupt the operations of power plants but hackers where only testing the security and mapping it infrastructure for future attacks which seem imminent at this stage. It is also unclear how exactly how many companies were affected.
According to the government report, “Hackers wrote highly targeted email messages containing fake résumés for control engineering jobs and sent them to the senior industrial control engineers who maintain broad access to critical industrial control systems.” The fake resumes were word documents that were covered in malicious code. Once the documents were open attackers could steal their credentials and proceed to other machines on a network.
But the statement issued by the FBI said that although they made their way into the computers, “there is no indication hackers had been able to jump from their victims’ computers into the control systems of the facilities.”