The report does not indicate whether these cyber attacks were linked to industrial espionage or to an attempt to cause damage to these plants.
Galina Antova, co-founder of New York-based Claroty, which specializes in securing industrial control systems, told Bloomberg News that those backdoors could be used to incorporate software specifically created to penetrate a facility's operational controls and disrupt critical systems.
Both stories go into tremendous detail about how the attacks were pulled off, but the New York Times story in particular featured an unusual little anecdote that stood out in the context of reading about "nuclear plants" and "hacking".
The hackers sent emails with resumes that contained code allowing attackers access to senior employees' credentials and other network machines, according to the Times.
Bloomberg cited multiple United States sources who said they had zeroed in on the Russian Federation as the primary suspect behind the most recent attacks, including one at Kansas' Wolf Creek nuclear facility.
The DHS report carried an urgent "amber warning", the second-highest rating for threat severity, the newspaper said. The targets include the Wolf Creek nuclear plant in Kansas.
However, a spokesperson for the nuclear plant told Bloomberg that, "There was absolutely no operational impact to Wolf Creek," because the plant's operational computer systems and corporate network are "completely separate" from each other. The origin of the attacks is also unclear, but sources told the Times that hackers' techniques resembled those used by a Russian hacking group known as Energetic Bear, which has been linked to attacks on the energy sector since 2012.
The joint report by the DHS and the Federal Bureau of Investigation did not identify the attackers, though it described the hacks as "an advanced persistent threat", a term that U.S. officials typically but not always use to describe attacks by culprits.
But the Times said an "advanced persistent threat" actor was responsible. The New York Times report says targets were both in the US and in other countries. The motive and severity of the attacks also remain unknown.
"They're fully isolated. There's no way to get data into the plant from the outside without somebody doing it by hand", Gross says.