The FBI, the Department of Homeland Security, the operator of a nuclear power plant in Kansas and a trade organization, the Nuclear Energy Institute, have all said that recent cyber attacks have compromised no operational functions on any energy plant. Still, government agencies have circulated an urgent report on the matter, which indicates the second highest level of concern in U.S. security situations.
“There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,” the FBI and Homeland Security said in a joint statement.
Wolf Creek Nuclear Operating Corp, which operates the Wolf Creek 1 pressurized water reactor near Burlington, Kan., the nuclear plant named in the federal report, also said that no operational systems were breached in the latest round of attacks. A spokesman for the Nuclear Energy Institute, Jeff Keeley, quoted by The New York Times, said no plants in the country had been compromised.
Large power plants are required to report any cyber attack that targets infrastructure or operations. None have reported any such attacks, Keeley said.
However, President Donald Trump, in Warsaw, Poland, on Thursday, said Russia should “cease its destabilizing activities in Ukraine and elsewhere.” The Times noted that the recent attacks bore striking resemblances to other hacking activity that was traced to a Russian hacker group called Energetic Bear, first identified in 2012.
The FBI and Homeland Security report noted that the attacks were considered an “advanced, persistent threat,” which can be security administration lingo for attacks backed by a foreign government.
Trump could use the attacks as a reason to be confrontational with Russia, which is suspected of using hacking techniques to help sway the presidential elections his way. Combined with Trump’s repeatedly admiring remarks about Russian President Vladimir Putin, the media, and politicians in Washington are keeping a close eye on how chummy Trump might be when he meets with Putin at the Group of 20 meeting in Hamburg, Germany, this year.
On the ground, security experts and industry consultants say that there is very little chance that hackers could prompt an accident at a nuclear power plant, given the security strategies deployed around the country. In the first place, computers involved in operations at a nuclear plant have no access to the Internet, which is the source of online cyber attacks.
The New York Times, however, notes that the recent attacks are not directed at computers, so much as people. And people are vulnerable to any number of compromises.
The recent attacks come in various forms. One style uses items, such as employment resumes that are fake. Their real purpose is to gain access to the computer or to the network of computers, which occurs when the recipients innocently click to open the document. The Times reported that plant operators had received resumes created by Microsoft Word.
Another style hackers use to monitor Internet activities of a computer’s user. Hackers then find ways to sabotage the operator’s computer by planting malevolent codes in the websites the user frequents.
A third style is to merely have plant code that allows hackers to monitor online activity closely. If the bug works, all online business goes through the hacker’s computers first, before it is channeled to the Internet.