Power Plants Under Attack

Nuclear energy facilities are the most recent target of cybercrime


It began innocently enough—a resume sent via email in Microsoft Word document format. But what transpired once power plant managers opened the files was unquestionably sinister.

Authorities report that since May 2017, hackers have targeted the computer networks of several companies that manage and operate and energy facilities throughout the US. But last week, Wolf Creek Nuclear Operating Corporation, a Kansas nuclear power plant management firm was one of them.  

A joint report recently issued by the Department of Homeland Security and the Federal Bureau of Investigation indicates that the plant’s cyber security barriers were breached. The infiltration attempt targeted personnel with system access credentials in an effort to map out computer networks for future attackssituations that could lead to dangerous explosions, fires, or material spills.

Electric grids are evolving rapidly, disrupted by regulatory changes, distributed generation, renewable portfolio standards, and evolving technology. Energy storage is uniquely positioned at the heart of all of this change. Download Greensmith Energy's White Paper to learn more about improving economics and demystifying energy storage systems.

In response, the agencies issued an urgent amber warning, the second highest threat level rating. Plant officials were quick to explain, however, that operational controls were not at all compromised. The plant and its surrounding community are safe.

Although the origin of the attack is unknown, cybercrime experts indicate that the techniques used are similar to those of an organization known as “Energetic Bear,” a Russian hacking group linked to energy industry cybersecurity breaches since 2012. The possibility of a Russia connection is particularly concerning, according to officials, because Russian hackers have previously debilitated parts of the electrical grid in Ukraine and appear to be testing tools to disrupt US power supplies.

Furthermore, supervisory control and data acquisition (SCADA) software manages an ever-increasing list of critical infrastructure, from pipelines and water treatment facilities to dams and nuclear power plants. The software provides remote monitoring and process efficiency, but it is also vulnerable to cybercrime and could offer cybercriminals entry points into the systems controlling the electrical grid.

“We never anticipated that our critical infrastructure control systems could be facing advanced levels of malware,” Jon Wellinghoff, former chairman of the Federal Energy Regulatory Commission recently told the New York Times. Yet, a Department of Homeland Security report explains that cyberattacks on critical infrastructure are currently “one of the most serious national security challenges we must confront.”

What are your thoughts?
Please vote in the poll, and add your comments below:


Is your organization taking steps to increase the security of its SCADA system?

Thank you for voting
You have already voted on this poll!
Please select an option!


  • C. Douglas Stram.

    You could eliminate or at least reduce dependence on vulnerable & costly transmission lies & substations — making electric facilities a non-priority target for cyber-terrorists.

  • Andrew C.

    This article vacillates from “the sky is falling” to “nothing to see here.” National Security Expert quotes “We never anticipated that our critical infrastructure control systems could be facing advanced levels of malware,” yet previously the subject plant and the surrounding community are deemed safe? Amber alerts, the potential of fire and explosions if the intrusions are successful, trial runs, debilitated grids in the Ukraine. Sorry, my read of this article comes to only one conclusion, we’ve been sitting on our hands again. And it would appear that there are no Administration plans to immediately and forcefully address the seriousness of this National IT infrastructure issue.


Leave a Reply

Enter Your Log In Credentials