According to the New York Times, citing a joint report issued by both the Department of Homeland Security and the FBI last week, unidentified hackers have been targeting the networks of nuclear power companies in the U.S. for the last two months. According to the report, the hackers did not intend to take down the plants themselves, instead, they attempted to infiltrate the corporate networks of the companies that run the plants. The motives behind the cyber-attacks remain unclear. The intention may be to steal trade secrets or gather intelligence that could be used to disrupt the operation of energy facilities at a later point in time.
One target that is identified in the report is the Wolf Creek Nuclear Operating Corporation, a company that oversees the operation of a nuclear power plant outside Burlington, Kansas. Wolf Creek officials claim that no operations systems had been affected and that the computers that run the plant are isolated from their corporate network, which has internet access.
The origins of the hackers are unknown, but the report indicated that the cyber criminals were state-sponsored. Two people familiar with the investigation said that the techniques used by the hackers seem similar to those used by “Energetic Bear”, a Russian hacking ring that has been tied to attacks on the energy sector since at least 2012.
The FBI and the Department of Homeland Security said in a joint statement that “there is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks.”
Cyber-attacks are on the rise lately, disrupting many companies' operations and causing financial damage. The WannaCry ransomware, that exploited vulnerabilities with tools stolen from the NSA, wreaked havoc on many organizations across the world, while the Petya malware affected mostly Europe, with Ukraine hit the hardest.
Source and image: The New York Times