Unidentified hackers have been targeting the networks of companies responsible for operating nuclear power plants in the US for the last two months, according to The New York Times. Citing a joint report issued by both the Department of Homeland Security and the FBI some time last week, The Times’ story identifies one target as the Wolf Creek Nuclear Operating Corporation, a facility responsible for overseeing the operation of a nuclear power plant outside Burlington, Kansas. The report also states that energy companies and manufacturing plants are also being targeted, yet none are identified by name.
The severity of the attacks remain unclear, as does the motive for the cyberattacks. Hackers may be interested in stealing US infrastructure trade secrets, or in causing disruption to the operation of energy facilities. It’s also not clear whether more than one facility responsible for a nuclear power plant has been successfully breached, or if employees of Wolf Creek are the only victims thus far.
The joint report indicated that “there is no indication hackers had been able to jump from their victims’ computers into the control systems of the facilities,” according to The Times. Wolf Creek officials also confirmed to The Times that its “operations systems” are kept separate from the computer network of the facility, preventing cyberattacks like this from allowing hackers to directly control power plant systems.
Still, the hack is a serious cause for concern. The joint report suggests that the hackers are interested in mapping out the computer networks to inform potential future attacks. These attacks focused on employees who have direct access to systems that could cause environmental disasters like toxic waste spills and fires. It doesn’t appear that the group or individuals involved have been able to get past the individual computers of these industrial control engineers — yet.