Jul 10 2017
Security

Russia Reportedly Behind Recent Nuclear Plant Hacks

The Energy Department is helping power firms defend against cyberattacks following recent intrusions into the plants' business systems.
Phil Goldstein
by

Phil Goldstein is a former web editor of the CDW family of tech magazines and a veteran technology journalist. He lives in Washington, D.C., with his wife and their animals: a dog named Brenna, and two cats, Grady and Princess.

The recent cyberattacks that targeted U.S. nuclear power plants and other energy facilities emanated from Russia, according to U.S. government officials, and the Energy Department is helping power firms shore up their defenses against further incursions

Russian government hackers were behind the attacks, unnamed U.S. officials told The Washington Post. The newspaper reported: “The U.S. officials said there is no evidence the hackers breached or disrupted the core systems controlling operations at the plants, so the public was not at risk. Rather, they said, the hackers broke into systems dealing with business and administrative tasks, such as personnel.” 

Multiple news outlets, starting with Reuters, have reported that the Department of Homeland Security and FBI issued a June 28 joint alert “to industrial firms, warning them of hacking targeting the nuclear, power and critical infrastructure sectors,”  Reuters notes. DHS and the FBI warned that “advanced, persistent threat actors” — using stolen network log-in and password information “to gain a foothold in company networks,”  according to the Post. The attacks have been targeting the energy industry since May, according to the alert. 

The agencies did not name Russia in their alert, but the National Security Agency  “has detected specific activity by the Russian spy agency, the FSB, targeting the energy firms,” according to the Post.  The New York Times notes that the “advanced, persistent threat” language is often used by security specialists to describe hackers backed by governments.

Meanwhile, the Energy Department says it is trying to help energy companies firm up their cybersecurity defenses and limit the impact of the attacks.

“DOE is working with our government and industry partners to mitigate any impact from a cyber intrusion affecting entities in the energy sector,” an Energy Department spokesperson said in an email to Reuters. “At this time, there has been no impact to systems controlling U.S. energy infrastructure. Any potential impact appears to be limited to administrative and business networks.” 

More On

Related Stories

Close

Become an Insider

Unlock white papers, personalized recommendations and other premium content for an in-depth look at evolving IT

Subscribe Now