Hackers have reportedly been breaking into computer networks of companies operating United States nuclear power stations, energy facilities and manufacturing plants, according to a new report by The New York Times.
The Department of Homeland Security and the FBI issued a statement last week confirming that the attacks had been occurring since May. The Kansas based Wolf Creek Nuclear Operating Corporation was among one of the companies targeted.
Wolf Creek officials told the Times they could not comment on cyberattacks or security issues, but no “operations systems” had been compromised. The disclosure was included in a report issued June 28 by the Department of Homeland Security and the FBI.
The Times said security specialists responding to the attacks confirmed the report, which carried an urgent amber warning, “the second-highest rating for the severity of the threat”.
Further details of the attacks were not immediately made known, including the number of successful hacks, whether the hacks were an attempt at espionage or if hackers were looking to steal trade secrets.
According to the report, it did not appear that hackers got into control systems at any of the hacked facilities. The origins of the hackers are not known, though the report noted an “advanced persistent threat” actor was responsible.
Security specialists often use such language to describe hackers backed by governments, according to the Times. In addition, two people familiar with the probe told the Times “the hackers techniques mimicked those of the organization known to cybersecurity specialists as ‘Energetic Bear,’ the Russian hacking group that researchers have tied to attacks on the energy sector since at least 2012”.
The hackers also appeared to map out computer networks for future attacks, the report noted. On May 11, President Donald Trump signed an executive order to strengthen the cybersecurity defenses of federal networks and critical infrastructure.
The directive required federal agencies and public companies to work together to reduce risks and help defend critical infrastructure operations “at greatest risk of attacks that could reasonably result in catastrophic regional or national effects on public health or safety, economic security, or national security”, according to the report.