Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
United States Privacy Security Politics

Hackers Targeting US Nuclear Power Plants, Report Finds (cnet.com) 91

For the past couple of months, hackers have breached the computer networks of companies that operate nuclear power facilities in the US, according to a new report from federal law enforcement officials. From a report: One of the companies targeted was the Wolf Creek Nuclear Operating Corporation, which operates a nuclear facility near Burlington, Kansas, according to a joint report issued last week by the FBI and Department of Homeland Security and described by The New York Times. The report carried an urgent amber warning, the second-highest rating for the severity of the threat, the Times reported. Organizations running the nation's energy, nuclear and other critical infrastructure have become frequent targets for cyberattacks in recent years. In a 2013 executive order, President Barack Obama called cyberattacks "one of the most serious national security challenges we must confront."
This discussion has been archived. No new comments can be posted.

Hackers Targeting US Nuclear Power Plants, Report Finds

Comments Filter:
  • This topic makes me thirsty. Who wants Vodka?

    • by Max_W ( 812974 )
      In my opinion it is not the Usual Suspects this time. In Russia there is a compulsory secondary education, all children study physics and can discern that it would not be a good idea to interfere with a nuclear power plant.
      • by rjmx ( 233228 )

        What if it were someone else's nuclear power plant?

      • That might be a valid thought if there were actually a nuclear plant attacked in this case, but there wasn't , just a completely misleading headline.
      • all children study physics and can discern that it would not be a good idea to interfere with a nuclear power plant.

        All children who are brought up right know it is not ethical to interfere with anything belonging to other people, even if it is connected to the internet. Hackers of this kind don't care, they want the cred for doing the most damage they can. And a lot of people today seem to think that if it is connected to the internet then it is fair game for anything they can do to it.

      • by Layzej ( 1976930 )

        The chief suspect is Russia, according to three people familiar with the continuing effort to eject the hackers from the computer networks. One of those networks belongs to an aging nuclear generating facility known as Wolf Creek -- owned by Westar Energy Inc., Great Plains Energy Inc. and Kansas Electric Power Cooperative Inc. -- on a lake shore near Burlington, Kansas.

        The possibility of a Russia connection is particularly worrisome, former and current officials say, because Russian hackers have previously

    • Who wants Vodka?

      . . . and then the CIA guy answers, "Don't bother pouring a separate glass for me . . . I'll just take drinks out of the glasses of every one else . . . "

  • by Anonymous Coward

    "There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,” the government agencies said."

    Zero Cool isn't fucking with the control rods of a reactor from his mom's basement. This is just another intrusion of an organization with poor security.

  • Slashdot users find semit hysterical incorrect headline on Slashdot article.
  • by evolutionary ( 933064 ) on Friday July 07, 2017 @03:40PM (#54765821)
    Okay this is not really that new. The tech community knews this was going on for sometime since power companies (for some crazy reason) are internet accessible. Even in the Snowden movie it was shown that the CIA was getting into power plants and hospitals of allies (now semi-allies?) for the purposes of "pressure" if they took actions the CIA decided it didn't like. So of course we've been targeted. Was probably one of the earlier targeted industries since the cyberwar with other countries started.
    • it's cheaper to have them internet accessible. That's the basic problem with nuclear power. It's perfectly safe if you take all necessary precautions. But sooner or later some small government types come in, convince everyone they can cut their taxes by being every so much more efficient as a private company, take over and find running a nuke plant is _hard_. Like, really hard; and finally they start cutting corners and running the plants longer than they're supposed to.

      Until you can convince upwards to
      • Uh, this is a POWER provider. In security, there is no such thing as perfectly safe, especially if it has the potential be accessed en masse. Whether we SHOULD use nuclear is a different topic but the dangers of an essential service having critical components accessible via the Internet the risks are not increasingly clear. I remember reading how water treatment in a small town with a way outdated server connected to the Internet was accidentally hacked by a low level hacker who thought he was in something
      • it's cheaper to have them internet accessible. That's the basic problem with nuclear power. It's perfectly safe if you take all necessary precautions. But sooner or later some small government types come in, convince everyone they can cut their taxes by being every so much more efficient as a private company, take over and find running a nuke plant is _hard_. Like, really hard; and finally they start cutting corners and running the plants longer than they're supposed to. Until you can convince upwards to 90% of the population that having a nuclear power plant run by the lowest bidder is a bad idea I'm gonna oppose nuclear.

        First, they are not internet accessible. Not sure why you think they are other than gullible acceptance of a misleading headline. Furthermore, they are not run by the lowest bidder. But hey, maybe you could help write more misleading headlines, you seem to have the knack.

    • The tech community knews this was going on for sometime since power companies (for some crazy reason) are internet accessible.

      IF they truly are internet accessible, then I've mapped them myself. zmap is great.

  • Is the US government, under its various organs doing anything similar - or even bankrolling any entity abroad given what we've learned (thorough Wikileaks) over the last few months?

  • I remember back in the early 2000s hearing about hacker threats to key infrastructure like power plants, water filtration, and the like. The solution then is if you don't air gap your mission critical systems, you're an idiot and shouldn't be in a job.

      How is 2017 any different to then and why is "muh Russia" the most shouted phrase while happily ignoring China, Israel, Pakistan, and well every other country with a vested interest in national and corporate espionage?

    • by AHuxley ( 892839 )
      In the past some dial up modem would be used to look over lists of interesting phone numbers.
      A connection to a company modem would be made and commands attempted. More details about the OS, file system, wider network would requested after a connection would be made. Sometimes just to use that networks speed to move a lot of data around from other more interesting networks and get some data stored to work on later given dial up speeds.
      A list of all extension phone numbers would be tried until a modem go
  • Isn't this a repost? (Score:5, Interesting)

    by clonehappy ( 655530 ) on Friday July 07, 2017 @04:36PM (#54766159)

    I think I've seen this same misleading bullshit article title literally once a month since 9/11/01.

    So the administrative (read: Windows) network got some malware at a nuke plant? Shocking. I'd honestly think I'd be more shocked if the headline said that a nuclear facility had never gotten its Windows network breached, because I've never seen one that hasn't been.

    Now, if the article showed that someone was fucking with the reactors or other critical systems, I'd be worried. But every article for the last 16 years has always been this same kind of clickbait garbage.

    • ^actually, it wasn't even necessarily on the admin network at the plant offices, all we know it was the admin network of the company that owns the plant.
    • by AmiMoJo ( 196126 )

      Nuclear plants, hospitals and the like are attractive targets for malware. Even if it's only the admin network that is hit, they have to fix it. There are legal requirements for record keeping, privacy, that sort of thing. The place can be forced to shut down if it can't do the paperwork.

      So there is a strong incentive to pay the ransom.

    • The liked article might be bad.
      But the articles in german news clearly say: the hackers could power down the plant or cause other havoc.
      If that is true, I don't know.

  • I get a few fishing emails a day that make it through the spam filter. No where in the linked article is there any evidence of anything different than the spam i get which is the same as anyone gets.

    Sure some may be more akin to spear phishing but its hardly a national emergency. Don't open attachments from random people on the internet. If your responsible for a nuclear power plant, be even more cautious!

    Common sense, nothing to write an article about, which trump will then read and do something half assed

  • mdsolar is back...submitting as a AC
  • by doug141 ( 863552 ) on Friday July 07, 2017 @11:31PM (#54767799)

    All the people saying control systems weren't affected seem too unconcerned about the long game. The hackers undoubtedly have better kompromat opportunities for deeper and better attacks now. An air-gapped system doesn't protect you when an employee has been blackmailed, bought, or duped.

Small is beautiful.

Working...