Hackers Have Been Targeting US Nuclear And Power Plants, And Russia Is Reportedly Suspected

The Department of Homeland Security and the FBI said they "are aware of a potential cyber intrusion affecting entities in the energy sector." Russia is reportedly the chief suspect.

Hackers believed to be working for a foreign government have recently penetrated the computer networks of power plants across the US, including a nuclear facility in Kansas, according to reports published on Thursday.

Security specialists have been responding to attacks at various nuclear power and energy facilities since May, according to an urgent joint report issued on June 28 by the Department of Homeland Security (DHS) and the FBI, and obtained by the New York Times.

The Department of Energy (DOE) on Friday confirmed that a cyber intrusion, but said, at this time, "there has been no impact to systems controlling US energy infrastructure."

Any potential impact appears to be limited to administrative and business networks, the agency said in a statement. The DHS and the FBI also said there is no indication of a threat to public safety.

The DOE declined to go into specifics about where the attacks occurred, but multiple media outlets reported that at least a dozen power plants were affected, including the Wolf Creek nuclear facility in Kansas. The hackers behind the effort are believed to have been working for a foreign government, the chief suspect being Russia, sources told Bloomberg.

A spokesperson for the North American Electric Reliability Corporation, a not-for-profit regulatory authority for North America's bulk power system, said it "is aware of the incident and is exchanging information with the electricity industry through the NERC Electricity Information Sharing and Analysis Center’s secure portal. At this time, there has been no bulk power system impact in North America."

A DHS spokesperson would not comment on where the attacks came from, and how any facilities were compromised.

Wolf Creek said that while it cannot publicly comment on security issues, its operational controls have not been affected and the plant is operating safely.

"There has been absolutely no operational impact to Wolf Creek," Jenny Hageman, a spokesperson for the nuclear plant, said in a statement to BuzzFeed News. "The reason that is true is because the operational computer systems are completely separate from the corporate network."

Security officials warned that hackers appeared to be mapping out computer networks and searching for vulnerabilities to eventually disrupt the country's electrical grid and power supply, Bloomberg reported.

The attacks mostly targeted individuals connected to the companies manning the facilities, such as "industrial control engineers who have direct access to systems that, if damaged, could lead to an explosion, fire or a spill of dangerous material," according to the Times.

People familiar with the investigation told the Times that the hackers' techniques mimicked those of the Russian hacking group Energetic Bear, which is believed to have been attacking the energy sector since at least 2012.

US officials say they are taking the breach seriously, as Russia is also suspected to have been behind the massive cyberattack last month that crippled Ukraine. Ukrainian officials said that the country's power grid has been compromised several times, starting with a massive attack in 2015 and a more programmed one last year.

The latest hacking reports came as President Donald Trump prepared to meet with Russian President Vladimir Putin on Friday, though it remained unclear whether Trump would address US intelligence agencies' conclusion that Russian hackers attempted to influence the presidential election.

Topics in this article

Skip to footer