The FBI and the Department of Homeland Security issued a joint report detailing malware attacks targeting employees of companies that operate nuclear power plants in the U.S., including the Wolf Creek Nuclear Operating Corporation in Burlington, Kan., according to the cybersecurity firm Tripwire.
The agencies communicated this report via an “amber” alert to the industry, which, Tripwire reported, is the second-highest level of severity for these types of reports from the FBI and DHS.
According to a New York Times article, hackers have been penetrating the computer networks of these companies along with other energy facilities and manufacturing plants in the U.S. and other countries since May.
The reports do not make clear how many facilities were breached, what the intentions of the hacks were (espionage, terror, stealing industrial secrets, etc.) or whether the hackers were able to get from their victims’ computers to the facilities’ control systems.
The report described an “advanced persistent threat” actor as responsible, although it did not indicate the origins of the hackers. According to the Times article, however, that is the language security specialists often use to describe government-backed hackers.
Paul Edon, director of international customer services at Tripwire, explained, “With most industrial control systems now connected to the Internet, they have become vulnerable to targeted cyberattacks and cyber-espionage campaigns. However, because the systems were not designed with security in mind, they are largely unequipped to deal with these attacks.”
Edon urged action on the part of businesses: “For any business that has an industrial control system footprint, whether in manufacturing, transportation or energy, now is the time to evaluate how the environment is being secured. Failure to do so could result in a devastating attack, which could cause serious damage or even endanger public safety.
“The first step is to review one of the available ICS Cyber Security Frameworks — i.e., ‘NIST Guide to Industrial Control Systems (ICS) Security’ or ‘CPNI - Security for Industrial Control Systems Framework.’ This will assist organizations in better understanding the challenges, requirements and responsibilities with regard to governance, business risk, managing ICS life cycle, education and skills, security improvements, vulnerability management, third party risk, and response capability.”
Visit www.tripwire.com for information.