Russia is the Chief Suspect in U.S. Nuclear Power Plants Hack

Steam rises between reactors 2 and 3 at the San Onofre Nuclear Generating Station (SONGS) March 1, 2002 near San Clemente, CA. David McNew/Getty Images

Russian government-sponsored hackers are suspected of being behind the penetration of computer systems at several U.S. nuclear power plants. 

Three people familiar with efforts to combat the hack told Bloomberg that Russian hackers were the chief suspects. The hackers had planned to disrupt the nation’s power supply, officials said. They accessed computer systems in at least a dozen nuclear power stations, including the Wolf Creek nuclear facility in Kansas.

Officials told the New York Times that the techniques used by the hackers mimicked those used by Russian hacking group Energetic Bear, which is believed to have been responsible for attacks on the global energy sector since 2012.

The hackers targeted industrial control engineers, who have access to critical industrial control systems, sending them emails with fake resumes, according to a report on the hack by the FBI and Department of Homeland Security seen by the Times. If damaged, the critical control systems can cause an explosion, fire or the spill of dangerous materials.

When clicked, the resumes infected computers, allowing the hackers to access other machines in the network.

On Saturday, Reuters reported that the U.S. government had warned industrial firms of the hacking campaign targeting the nuclear and energy sectors since May.

"Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict," said the Department of Homeland Security and FBI report on the hack. 

Energy firms have reportedly been concerned about the danger posed by hackers since December 2016, when hackers shut down electricity systems in Ukraine. A January report by the U.S. Energy Department warned that energy systems faced “imminent danger” from cyber attacks, which are growing more frequent and sophisticated.

In a joint statement to Bloomberg, the FBI and Department of Homeland Security said they were aware of the potential intrusion in the energy sector.

“There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,” the government agencies said.