The FBI and Homeland Security have warned that the Russian Federation is the chief suspect behind recent computer network breaches at US nuclear power plants and other energy facilities.
Hackers believed to be working for a foreign government have recently penetrated the computer networks of power plants across the U.S., including a nuclear facility in Kansas, according to reports published Thursday. The hackers did so by sending emails containing fake resumes for control engineering jobs, laced with malicious code, to engineers with access to critical industrial control systems.
The US Department of Energy also said the impact appears limited to administrative and business networks.
The FBI and Homeland Security Department issued a new warning to American energy companies about potential cyberattacks on nuclear facilities. However, the attacks appear to have been government sponsored (from the "'active persistent threat' actor" language used to describe those responsible).
Hackers have for weeks been targeting computer systems associated with US nuclear facilities and power plants in a bid to glean information to use in subsequent cyberattacks, according to US authorities.
Reuters said that the DHS and FBI's warning noted that hackers were sending phishing e-mails to plant employees in an attempt to "harvest credentials" that could be used to access their company's computer networks.
The latest hacking reports came as President Donald Trump prepares to meet with Russian President Vladimir Putin on Friday, though it is still unclear whether Trump will address US intelligence agencies' conclusion that Russian hackers attempted to influence the presidential election.
When reached for comment about the latest hacks, government officials and a spokesperson for Wolf Creek said the operational side of its network had not been affected. Importantly, however, no attacks successfully penetrated plants' operational controls, and many were directed at corporate systems often unconnected. "On the other it's really far from anything near the industrial control systems".
"They're fully isolated. There's no way to get data into the plant from the outside without somebody doing it by hand", Gross says.
Still, even if hackers have to do much more to execute a full-scale power grid attack, it's scary to know that it could all start from something as innocuous as an MS Word document.