nuclear-news

The News That Matters about the Nuclear Industry

Suspicion falls on Russia, in the hacking of USA nuclear sites

Russians Are Said to Be Suspects in Nuclear Site Hackings, Bloomberg, By Michael Riley, Jennifer A Dlouhy, and Bryan Gruley 6 July 2017
  • Attacks could pave way to disrupt U.S. electric grid
  • Kansas site is among those trying to eject intruders
  • Hackers working for a foreign government recently breached at least a dozen U.S. power plants, including the Wolf Creek nuclear facility in Kansas, according to current and former U.S. officials, sparking concerns the attackers were searching for vulnerabilities in the electrical grid.

    The rivals could be positioning themselves to eventually disrupt the nation’s power supply, warned the officials, who noted that a general alert was distributed to utilities a week ago. Adding to those concerns, hackers recently infiltrated an unidentified company that makes control systems for equipment used in the power industry, an attack that officials believe may be related.

    The chief suspect is Russia, according to three people familiar with the continuing effort to eject the hackers from the computer networks. One of those networks belongs to an aging nuclear generating facility known as Wolf Creek — owned by Westar Energy Inc., Great Plains Energy Inc. and Kansas Electric Power Cooperative Inc. — on a lake shore near Burlington, Kansas.

  • The possibility of a Russia connection is particularly worrisome, former and current officials say, because Russian hackers have previously taken down parts of the electrical grid in Ukraine and appear to be testing increasingly advanced tools to disrupt power supplies…….
  • Several private security firms are studying data on the attacks, but none has linked the work to a particular hacking team or country…….
  • Many of the power plants are conventional, but the targeting of a nuclear facility adds to the pressure. While the core of a nuclear generator is heavily protected, a sudden shutdown of the turbine can trigger safety systems. These safety devices are designed to disperse excess heat while the nuclear reaction is halted, but the safety systems themselves may be vulnerable to attack.

    Homeland Security and the FBI sent out a general warning about the cyberattack to utilities and related parties on June 28, though it contained few details or the number of plants affected. The government said it was most concerned about the “persistence” of the attacks on choke points of the U.S. power supply. That language suggests hackers are trying to establish backdoors on the plants’ systems for later use, according to a former senior DHS official who asked not to be identified.

    Those backdoors can be used to insert software specifically designed to penetrate a facility’s operational controls and disrupt critical systems, according to Galina Antova, co-founder of Claroty, a New York firm that specializes in securing industrial control systems.

    “We’re moving to a point where a major attack like this is very, very possible,” Antova said. “Once you’re into the control systems — and you can get into the control systems by hacking into the plant’s regular computer network — then the basic security mechanisms you’d expect are simply not there.”

  • The situation is a little different at nuclear facilities. Backup power supplies and other safeguards at nuclear sites are meant to ensure that “you can’t really cause a nuclear plant to melt down just by taking out the secondary systems that are connected to the grid,” Edwin Lyman, a nuclear expert with the Union of Concerned Scientists, said in a phone interview.

    The operating systems at nuclear plants also tend to be legacy controls built decades ago and don’t have digital control systems that can be exploited by hackers. Wolf Creek, for example, began operations in 1985. “They’re relatively impervious to that kind of attack,” Lyman said….. https://www.bloomberg.com/news/articles/2017-07-07/russians-are-said-to-be-suspects-in-hacks-involving-nuclear-site

Advertisements

July 7, 2017 - Posted by | secrets,lies and civil liberties, USA

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: