This is who the US thinks just tried to hack its most secure nuclear sites

American officials have concluded that hackers working on behalf of a foreign power recently breached at least a dozen US nuclear power sites, Bloomberg reported July 6.

Bloomberg cited multiple US sources who said they had zeroed in on Russia as the primary suspect behind the most recent attacks, including one at Kansas’ Wolf Creek nuclear facility.

Officials believe the attacks may be related to a separate hack that happened late last month, in which unidentified hackers infiltrated the business-associated end of the power plant. The name and location of that site were not released, but E&E News reported that federal investigators were looking into cyberattacks on multiple facilities at the time.

When reached for comment about the latest hacks, government officials and a spokesperson for Wolf Creek said the operational side of its network had not been affected.

Salem nuclear power plant. Photo by Peretz Partensky

Salem nuclear power plant. Photo by Peretz Partensky

“There was absolutely no operational impact to Wolf Creek,” Jenny Hageman, a spokeswoman for the nuclear plant, said in a statement to Bloomberg News. “The reason that is true is because the operational computer systems are completely separate from the corporate network.”

But the hacks have raised red flags for investigators who worry Russia may be gearing up to levy an attack against the US power grid.  If that were the case, it would fit into a pattern adopted by Russia in the past, particularly as it relates to Ukraine.

In 2015, a massive cyberattack leveled against the country’s power grid cut electricity to almost 250,000 Ukrainians. Cybersecurity experts linked the attack to IP addresses associated with Russia. Since then, Wired magazine’s Andy Greenberg reported, Ukraine has seen a growing crisis in which an increasing number of Ukrainian corporations and government agencies have been hit by cyberattacks in a “rapid, remorseless succession.”

Ukraine is now host to what may turn into a full-blown cyberwar, Greenberg reported. Two separate attacks on the country’s power grid were part of what Greenberg called a “digital blitzkrieg” waged against it for the past three years, which multiple analysts have connected to Russian interests.

Lights out. Photo from Wikimedia Commons

Lights out. Photo from Wikimedia Commons

With respect to the recent cyberattacks on US nuclear facilities, the Department of Homeland Security and Federal Bureau of Investigation said they were aware of the intrusions.

“There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,” the agencies said in a statement.

But cybersecurity experts say that once a system is breached in any way — even if it’s not on the operational side — nuclear safety could be at risk down the road.

“If a nuclear power facility is attacked on the business side, that might actually serve as a way of information-gathering” for hackers, Paulo Shakarian, founder of the cybersecurity firm CYR3CON, told Business Insider. In some cases, hackers will try to “see if, by reaching that system, they can get more insight into what the facility is using on the operational side,” Shakarian said.

Though nuclear power providers have rigorous practices in place to divide business and nuclear operations in their networks, experts say an attack on one could inform an attack on the other.

Photo from Moscow Kremlin.

Photo from Moscow Kremlin.

Greg Martin, the CEO of cybersecurity firm JASK, said that while it was “wonderful” that network segmentation prevented hackers from being able to attack critical infrastructure directly, “the business side has tons of information about the more vulnerable infrastructure side of these types of plants.”

That information can include emails, communications involving design plans, information about security assessments, emails or documents that contain passwords, and more. Martin echoed Shakarian’s assessment and added that some information that can be gleaned from a breach like this can open up a window that “can be used to set up for future, more damaging attacks just based on the proprietary information they’re able to steal.”

These latest suspicions towards Russia come on the heels of a colossal cyberattack that crippled countries and corporations across the globe, which cybersecurity experts said Russia may have perpetrated.

Russia was also found to have hacked the 2016 US election in an effort to damage then-candidate Hillary Clinton’s campaign and tilt the election in favor of Donald Trump. Russia has so far denied all the charges against it.

TOP ARTICLES
This is the latest version of the M9 service pistol

The M9A3 offers a bigger magazine, a user-friendly grip, and a host of improvements based on lessons learned from over three decades of service.

This is what the DoD has planned for a zombie apocalypse

It does touch on many of the pop culture elements of zombie lore, but it breaks things down to become applicable to most situations that would similar to an actual outbreak.

Some dirtbags messed with an Iwo Jima memorial — and Marines caught 'em on film

Officials say an Iwo Jima memorial in Fall River was doused with the contents of a fire extinguisher last weekend. Police are investigating

Vets are going to get a new ID card, and they'll be ready for use next month

The new identification card will provide employers looking to hire veterans with an easier way to verify an employee's military service.

This is the story behind the rise and fall of the Islamic State group

The Islamic State group, responsible for some of the worst atrocities perpetrated against civilians in recent history, appears on the verge of collapse.

Now the Iraqi army is going after the Kurdish forces who helped beat ISIS

Iraqi federal and Kurdish forces exchanged fire on Oct. 20, capping a dramatic week that saw the Kurds hand over territory across Northern Iraq.

This Kurdish female militia refuses to stop its hunt for ISIS terrorists

A Kurdish female militia, after helping free the city of Raqqa, said it will continue the fight to liberate women from the extremists’ brutal rule.

The US just sent nearly 1M bombs and missiles to Guam — here's why

Hint: There's this guy a few thousand miles away who's threatening to lob a nuke in their direction.

This is what the 400 US troops in Somalia are actually up to

The US has quadrupled its military presence in Somalia after Al-Shabab killed nearly 300 civilians in two truck bombings. Half of them are special ops troops.

The war between the US Army and Magpul is heating up over ice

Magpul officials are calling foul on the Army's claim that its rifle magazines don't work in the cold — and they say they can prove it.