Russian hackers are reportedly the main suspects behind a cyber attack that hit over a dozen nuclear power plants across the U.S., according to a report by Bloomberg News, citing current and former U.S. officials.
Hackers working for a foreign government could be positioning themselves to eventually disrupt the nation’s power supply, warned the officials, who noted that a general alert was distributed to utilities a week ago.
Adding to those concerns, hackers recently infiltrated an unidentified company that makes control systems for equipment used in the power industry, an attack that officials believe may be related.
The chief suspect is Russia, according to three people familiar with the continuing effort to eject the hackers from the computer networks. One of those networks belongs to an aging nuclear generating facility known as Wolf Creek — owned by Westar Energy Inc., Great Plains Energy Inc. and Kansas Electric Power Cooperative Inc. — on a lake shore near Burlington, Kansas.
The possibility of a Russia connection is particularly worrisome, former and current officials say, because Russian hackers have previously taken down parts of the electrical grid in Ukraine and appear to be testing increasingly advanced tools to disrupt power supplies.
“There was absolutely no operational impact to Wolf Creek,” a spokeswoman for the nuclear plant told Bloomberg News. “The reason that is true is because the operational computer systems are completely separate from the corporate network.”
In a joint statement, the Department of Homeland Security and the FBI confirmed the intrusion but didn’t name a suspect.
“There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,” the agencies said.
“We don’t tie this to any known group at this point,” said a lead analyst for FireEye Inc., a global cybersecurity firm. “It’s not to say it’s not related, but we don’t have the evidence at this point.”
“We’re moving to a point where a major attack like this is very, very possible,” Galina Antova, co-founder of Claroty, told Bloomberg.
“Once you’re into the control systems — and you can get into the control systems by hacking into the plant’s regular computer network — then the basic security mechanisms you’d expect are simply not there.”