This is interesting to see how this story is being reported
First, from the New York Times:
Hackers Are Targeting Nuclear Facilities, Homeland Security Dept. and F.B.I. Say
Since May, hackers have been penetrating the computer networks of companies that operate nuclear power stations and other energy facilities, as well as manufacturing plants in the United States and other countries.
Among the companies targeted was the Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kan., according to security consultants and an urgent joint report issued by the Department of Homeland Security and the Federal Bureau of Investigation last week.
Were any systems compromised? Any damage? No? End of story. Case in point:
In a joint statement with the F.B.I., a spokesman for the Department of Homeland Security said, “There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks.”
How did they do this?
Hackers wrote highly targeted email messages containing fake résumés for control engineering jobs and sent them to the senior industrial control engineers who maintain broad access to critical industrial control systems, the government report said.
The fake résumés were Microsoft Word documents that were laced with malicious code. Once the recipients clicked on those documents, attackers could steal their credentials and proceed to other machines on a network.
This was a Word Macro attack - this threat has been around for a long long time with the first instance being the Melissa virus in 1999 - they entered the public awareness in 2006.
Second is from Bloomberg. They do Fake News and go full Russian on the story:
Russians Are Suspects in Nuclear Site Hackings, Sources Say
Hackers working for a foreign government recently breached at least a dozen U.S. power plants, including the Wolf Creek nuclear facility in Kansas, according to current and former U.S. officials, sparking concerns the attackers were searching for vulnerabilities in the electrical grid.
More:
The chief suspect is Russia, according to three people familiar with the continuing effort to eject the hackers from the computer networks. One of those networks belongs to an aging nuclear generating facility known as Wolf Creek -- owned by Westar Energy Inc., Great Plains Energy Inc. and Kansas Electric Power Cooperative Inc. -- on a lake shore near Burlington, Kansas.
The possibility of a Russia connection is particularly worrisome, former and current officials say, because Russian hackers have previously taken down parts of the electrical grid in Ukraine and appear to be testing increasingly advanced tools to disrupt power supplies.
Completely unfounded - the authors - Michael Riley , Jennifer A Dlouhy , and Bryan Gruley - are running on speculation here as the original report does not mention Russia or any other nation as being suspects, it merely factually describes the attempt. In addition, the "aging nuclear generating facility known as Wolf Creek" is in top operating condition. It first came online in 1985, 31 years ago. These reactors have a fifty year design life so it is only middle-aged, not aging. More about the plant here: Wolf Creek Nuclear Operating Corporation.
Bloomberg = Fake News. So sad.
Leave a comment