FBI, DHS Detail Hacks Targeting Nuclear Facilities

The FBI and the Department of Homeland Security issued a joint report detailing malware attacks targeting employees of companies that operate nuclear power plants in the U.S., including the Wolf Creek Nuclear Operating Corporation in Burlington, Kan., according to the cybersecurity firm Tripwire.

The agencies communicated this report via an “amber” alert to the industry, which, Tripwire reported, is the second-highest level of severity for these types of reports from the FBI and DHS.

According to a New York Times article, hackers have been penetrating the computer networks of these companies along with other energy facilities and manufacturing plants in the U.S. and other countries since May.

The reports do not make clear how many facilities were breached, what the intentions of the hacks were (espionage, terror, stealing industrial secrets, etc.) or whether the hackers were able to get from their victims’ computers to the facilities’ control systems.

The report described an “advanced consistent threat” actor that was responsible, although it did not indicate the origins of the hackers. The language used, according to the Times article, is the language security specialists often use to describe government-backed hackers, however.

Paul Edon, director of international customer services Tripwire, explained, “With most industrial control systems now connected to the Internet, they have become vulnerable to targeted cyberattacks and cyber-espionage campaigns. However, because the systems were not designed with security in mind, they are largely unequipped to deal with these attacks.”

Edon urged action on the parts of business: “For any business that has an industrial control system footprint, whether in manufacturing, transportation or energy, now is the time to evaluate how the environment is being secured. Failure to do so could result in a devastating attack, which could cause serious damage or even endanger public safety.

“The first step is to review one of the available ICS Cyber Security Frameworks — i.e., ‘NIST Guide to Industrial Control Systems (ICS) Security’ or ‘CPNI - Security for Industrial Control Systems Framework.’ This will assist organizations in better understanding the challenges, requirements and responsibilities with regard to governance, business risk, managing ICS life cycle, education and skills, security improvements, vulnerability management, third party risk, and response capability.”

Visit www.tripwire.com for information.

Former Associate Editor Tim Scally wrote and edited news-focused articles and columns, including Insider and Newswire. Along with attending shows and delivering breaking news, Tim wrote blog posts, feature articles and company profiles; he also deployed the SDM e-newsletter and posts to social media. Before joining SDM from a previous editorial position at BNP Media, Tim spent more than 10 years as a middle- and high-school English teacher. He holds a Bachelor of Science degree in English Education from Maranatha Baptist University.

Join us for an insightful webinar where we delve deep into the ever-evolving landscape of video surveillance. As the demand for robust security solutions continues to surge, staying ahead of the curve is imperative.

PSA Security Network is one of the nation’s leading sources for education, training, and industry networking events. With multiple settings and events throughout the year to meet and exchange industry knowledge, there is something for everyone.