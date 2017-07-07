Hackers Targeting US Nuclear Power Plants, Report Finds (cnet.com) 50
For the past couple of months, hackers have breached the computer networks of companies that operate nuclear power facilities in the US, according to a new report from federal law enforcement officials. From a report: One of the companies targeted was the Wolf Creek Nuclear Operating Corporation, which operates a nuclear facility near Burlington, Kansas, according to a joint report issued last week by the FBI and Department of Homeland Security and described by The New York Times. The report carried an urgent amber warning, the second-highest rating for the severity of the threat, the Times reported. Organizations running the nation's energy, nuclear and other critical infrastructure have become frequent targets for cyberattacks in recent years. In a 2013 executive order, President Barack Obama called cyberattacks "one of the most serious national security challenges we must confront."
Air Gap (Score:2)
Are the control systems at plants not isolated from the outside world?
If not, why not?
It seems obvious that they should be.
Re: (Score:2, Informative)
This is the advantage of the vintage of the U.S. nuclear fleet. The vast majority of the control systems, and just about all if not all safety-related control systems are electromechanical. There's nothing digital. You have to physically be there to screw with it. For those unfamiliar, the control logic doesn't use the fancy schmancy transistor, it uses electromechanical relays.
Plenty of plants have analog to digital converters that take process information for monitoring - even remotely, but these include
Re: (Score:2)
This is the advantage of the vintage of the U.S. nuclear fleet. The vast majority of the control systems, and just about all if not all safety-related control systems are electromechanical. There's nothing digital.
There are plenty of digital controls in nuclear plants. Yes, there is also a lot of older relay technology as well, but plants have been upgrading controls for quite some time. Critical safety systems are still mostly non-digital because of difficult licensing process for upgrade to digital, but that is also changing.
Re: (Score:2)
Re: (Score:3)
Are the control systems at plants not isolated from the outside world?
If not, why not?
It seems obvious that they should be.
Yes, they are isolated. But articles like this tend to hint that plants are hacked when in reality only the corporate business lans are involved in the attacked, not the isolated control systems. But headlines aren't so exciting if they reflect reality.
Re: (Score:2)
when in reality only the corporate business lans are involved in the attacked,
This.
But headlines aren't so exciting if they reflect reality.
People don't read good news, they react to the sensational bad news. Good news is too boring and run of the mill. "Dog behaved, baby slept peacefully, traffic flowed at a good rate on the interstate..." doesn't get clicks. "Dog eats sleeping baby in the back of a car stuck in a ten hour traffic jam" is what people want to read about.
Re: (Score:2)
Re: (Score:2)
Are the control systems at plants not isolated from the outside world?
Air Heads trump Air Gaps . . . the biggest threat to your computer system security is mechanical: "The loose nut behind the keyboard."
If not, why not?
Nothing can be made foolproof, because fools are so ingenious.
It seems obvious that they should be.
"Well, I don't think there is any question about it. It can only be attributable to human error. This sort of thing has cropped up before, and it has always been due to human error."
Re: (Score:3)
Are the control systems at plants not isolated from the outside world?
If not, why not?
It seems obvious that they should be.
From TFA (yeah, I know; too bad TFS didn't mention this small detail): "The safety and control systems for the nuclear reactor and other vital plant components are not connected to business networks or the internet," Wolf Creek spokeswoman Jenny Hageman said in a statement. "The plant continues to operate safely."
Re: (Score:1)
They are, as stated in the featured article.
Re: (Score:2)
Headline says the power plants were targeted, summary says the companies were targeted.
The headline is BS. The Wolf Creek plant controls were not involved at all, just the corporate business network which is completely separate. The headline intentionally implies something that didn't happen.
Who's up for Vodka? (Score:1)
This topic makes me thirsty. Who wants Vodka?
Re: (Score:2)
Re: (Score:2)
What if it were someone else's nuclear power plant?
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
all children study physics and can discern that it would not be a good idea to interfere with a nuclear power plant.
All children who are brought up right know it is not ethical to interfere with anything belonging to other people, even if it is connected to the internet. Hackers of this kind don't care, they want the cred for doing the most damage they can. And a lot of people today seem to think that if it is connected to the internet then it is fair game for anything they can do to it.
Re: (Score:2)
Who wants Vodka?
. . . and then the CIA guy answers, "Don't bother pouring a separate glass for me . . . I'll just take drinks out of the glasses of every one else . . . "
control rods just need some hitting Y on vent gas (Score:2)
control rods just need some hitting Y on vent gas all day long.
Re: (Score:2)
Venting prevents explosion.
Wup Wup! (Score:2)
We knew this was going on (Score:3)
Re: (Score:2)
It's not crazy (Score:2)
Until you can convince upwards to
Re: (Score:2)
Re: (Score:2)
it's cheaper to have them internet accessible. That's the basic problem with nuclear power. It's perfectly safe if you take all necessary precautions. But sooner or later some small government types come in, convince everyone they can cut their taxes by being every so much more efficient as a private company, take over and find running a nuke plant is _hard_. Like, really hard; and finally they start cutting corners and running the plants longer than they're supposed to. Until you can convince upwards to 90% of the population that having a nuclear power plant run by the lowest bidder is a bad idea I'm gonna oppose nuclear.
First, they are not internet accessible. Not sure why you think they are other than gullible acceptance of a misleading headline. Furthermore, they are not run by the lowest bidder. But hey, maybe you could help write more misleading headlines, you seem to have the knack.
Here's the question to ask... (Score:2)
Is the US government, under its various organs doing anything similar - or even bankrolling any entity abroad given what we've learned (thorough Wikileaks) over the last few months?
Weren't hackers always a threat? (Score:2)
I remember back in the early 2000s hearing about hacker threats to key infrastructure like power plants, water filtration, and the like. The solution then is if you don't air gap your mission critical systems, you're an idiot and shouldn't be in a job.
How is 2017 any different to then and why is "muh Russia" the most shouted phrase while happily ignoring China, Israel, Pakistan, and well every other country with a vested interest in national and corporate espionage?
Isn't this a repost? (Score:2)
I think I've seen this same misleading bullshit article title literally once a month since 9/11/01.
So the administrative (read: Windows) network got some malware at a nuke plant? Shocking. I'd honestly think I'd be more shocked if the headline said that a nuclear facility had never gotten its Windows network breached, because I've never seen one that hasn't been.
Now, if the article showed that someone was fucking with the reactors or other critical systems, I'd be worried. But every article for the last 16
Re: (Score:2)
big deal (Score:2)
I get a few fishing emails a day that make it through the spam filter. No where in the linked article is there any evidence of anything different than the spam i get which is the same as anyone gets.
Sure some may be more akin to spear phishing but its hardly a national emergency. Don't open attachments from random people on the internet. If your responsible for a nuclear power plant, be even more cautious!
Common sense, nothing to write an article about, which trump will then read and do something half assed