U.S. utilities including nuclear firms hacked; Russian Federation primary suspect

Spokespeople for one of the targets, the Wolf Creek Nuclear Operating Corporation (in charge of a facility near Burlington in Kansas) said it maintained separate networks for corporate and operations systems, so there was no risk to its power stations.

For the past couple of months, hackers have breached the computer networks of companies that operate nuclear power facilities in the United States, according to a new report from federal law enforcement officials.

Hackers have reportedly been targeting computer networks of companies that operate nuclear power plants, manufacturing facilities, as well as other energy firms across the U.S. and other countries.

Although hackers have successfully penetrated computers belonging to employees at companies controlling nuclear facilities, they have not been successful in making the jump from a single computer to a facility's operating or security systems. Bloomberg reported Russian Federation is the chief suspect in the hacks. Not only that, but sources with knowledge of the ongoing investigation revealed to the NY Times that "Energetic Bear" (a known Russian hacking group) uses the same sort of hacking techniques as those revealed in the joint report.

According to the New York Times, whose staff obtained the report, the hacking operation has been underway since May, and carries an "urgent amber warning". "However, the attacks appear to have been government sponsored (from the "'active persistent threat' actor" language used to describe those responsible).

A series of cyberattacks has been leveled at the computer networks of American nuclear power plants. According to the report, the hackers did not intend to take down the plants themselves, instead, they attempted to infiltrate the corporate networks of the companies that run the plants. E&E News reports that none of the "dozens" of federal workers and utility and cyber experts it interviewed in recent weeks gave any indication of where the attack came from.

The report does not indicate whether these cyber attacks were linked to industrial espionage or attempt to cause damage to these plants. Worldwide governments have also taken to deeming power plants as criticial infrastructure to offer them additional security against potential cyberthreats.

Greg Martin, the CEO of cybersecurity firm JASK, said that while it was "wonderful" that network segmentation prevented hackers from being able to attack critical infrastructure directly, "the business side has tons of information about the more vulnerable infrastructure side of these types of plants".