It began innocently enough—a resume sent via email in Microsoft Word document format. But what transpired once power plant managers opened the files was unquestionably sinister.
Authorities report that since May 2017, hackers have targeted the computer networks of several companies that manage and operate energy facilities throughout the US. Last week, Wolf Creek Nuclear Operating Corporation, a Kansas nuclear power plant management firm, was one of them.
A joint report recently issued by the Department of Homeland Security and the Federal Bureau of Investigation indicates that the plant’s cyber security barriers were breached. The infiltration attempt targeted personnel with system access credentials in an effort to map out computer networks for future attacks—situations that could lead to dangerous explosions, fires, or material spills.
In response, the agencies issued an urgent amber warning, the second highest threat level rating. Plant officials were quick to explain, however, that operational controls were not at all compromised. The plant and its surrounding community are safe.
Although the origin of the attack is unknown, cybercrime experts indicate that the techniques used are similar to those of an organization known as “Energetic Bear,” a Russian hacking group linked to energy industry cybersecurity breaches since 2012. The possibility of a Russia connection is particularly concerning, according to officials, because Russian hackers have previously debilitated parts of the electrical grid in Ukraine and appear to be testing tools to disrupt US power supplies.
Furthermore, supervisory control and data acquisition (SCADA) software manages an ever-increasing list of critical infrastructure, from pipelines and water treatment facilities to dams and nuclear power plants. The software provides remote monitoring and process efficiency, but it is also vulnerable to cybercrime and could offer cybercriminals entry points into the systems controlling the electrical grid.
“We never anticipated that our critical infrastructure control systems could be facing advanced levels of malware,” Jon Wellinghoff, former chairman of the Federal Energy Regulatory Commission, recently told the New York Times. Yet a Department of Homeland Security report explains that cyberattacks on critical infrastructure are currently “one of the most serious national security challenges we must confront.”