More Attention Should be Paid to Nuclear Power Plant Cybersecurity

Over the years, there has been a significant amount of research with cybersecurity in mind re: industry targets. These include, but have not been limited to government contractors, the government units (e.g. the FDIC), and auto manufacturers. During the year, there may be an increase in focus based on financial trends (e.g. consumer retail near the holidays). One industry not significantly researched as it relates to cybersecurity has been the nuclear power industry.

The Department of Homeland Security (DHS) and the FBI did however publish a joint report in July 2017 focused on warning nuclear power plants operators and cybersecurity. The report noted over 24 nuclear facilities were targeted with at least 12 of these breached.

Why targeted?

Previous attacks focused on the plants, naturally, but also the quality control engineers. Focusing on the plants is relatively obvious, The attacks previously noted also focused on the quality control engineers. These persons were likewise a focus due to them having access to the operational systems of the plants, and a mass amount of germane data and information on the nuclear power plant itself.

Attacker Specification

The attackers were not limited to a nation, but were from across the globe. There were however certain types or forms of attacks which appear to be from certain specific groups. One example of this was the Russian Energetic Bear group. The attacks were also not done by a single person. These attacks required a team and a significant amount of time and backing.

Methods

The attack methods vary for each use case and target. There is not a template for the attacks that is applied to all the targets uniformly. The attackers may use, as an example, phishing or spear phishing as the tool. This has been very useful across many industries, with malicious links and/or word documents. For this industry, the attackers may use watering hole attacks.

Resources

Canon, S. (2017, July 7). How hard is it to hack a nuclear plant? It takes alot more than one person for starters. Retrieved from http://www.kansascity.com/news/local/article160156659.html

Condliffe, J. (2017, July 7). Hackers have been targeting U.S. nukes. Retrieved from https://www.technologyreview.com/s/608247/hackers-have-been-targeting-us-nukes/

Cooper, D. (2017, July 7). Russian hackers target the US nuclear industry. Retrieved from https://finance.yahoo.com/news/russian-hackers-target-us-nuclear-105800110.html

DailyMail.com. (2017, July 7). Russian hackers have ‘tried to infiltrate computer systems of a nuclear power plant and at least 11 other energy facilities in the US since May’. Retrieved from http://www.dailymail.co.uk/news/article-4675864/Russian-hackers-suspected-power-plant-cyberattacks.html

Finger, S. (2017, July 6). Hackers targeting wolf creek and other nuclear power plants. Retrieved from http://www.kansas.com/news/local/article160030764.html

Forrest, C. (2017, July 7). Massive cyberattack on US critical infrastructure will hit within 2 years, say 60% of security pros. Retrieved from http://www.techrepublic.com/article/massive-cyberattacks-on-us-critical-infrastructure-will-hit-within-2-years-say-60-of-security-pros/

Murphy, M. (2017, July 6). Hackers targeting U.S. nuclear power plant operators: Reports. Retrieved from http://www.marketreach.com/story/hackers-targeting-us-nuclear-power-plant-operators-report-2017-07-06

Musil, S. (2017, July 6). Hackers targeting US nuclear power plants, report finds. Retrieved from https://www.cnet.com/news/hackers-targeting-us-nuclear-power-plants-report-finds/

Nakashima, E. (2017, July 8). U.S. officials say russian government hackers have penetrated energy and nuclear company business networks. Retrieved from https://www.washingtonpost.com/world/national-security/us-officials-say-russian-government-hackers-have-penetrated-energy-and-nuclear-company-business-networks/2017/07/08

Owusu, T. (2017, July 7). Hackers could be targeting your local nuclear facility: FBI. Retrieved from https://www.thestreet.com/story/14215206/1/hackers-are-targeting-nuclear-facilities-dhs-says.html

Perlroth, N. (2017, July 6). Hackers are targeting nuclear facilities, homeland security dept and F.B.I. say. Retrieved from https://mobile.nytimes.com/2017/07/06/technology/nuclear-plant-hack-report.html

Porter, T. (2017, July 7). Russia is the chief suspect in U.S. nuclear power plants hack. Retrieved from http://www.newsweek.com/russia-russian-hackers-nuclear-power-633160

Reuters. (2017, July 7). U.S. energy department helping power firms defend against cyber attacks. Retrieved from https://mobile.nytimes.com/reuters/2017/07/07/technology/07-reuters-use-cyber-energy-nuclearpower.html

Seipel, B. (2017, July 6). Hackers targeting US nuclear facilities: report. Retrieved from http://thehill.com/policy/cybersecurity/340923-hackers-targeting-us-nuclear-facilities-report

Seth, S. (2017, July 6). Hackers breached at least a dozen US nuclear power sites-and officials are zeroing in on a familiar player. Retrieved from http://www.businessinsider.com/officials-believe-russia-hacked-us-nuclear-power-sites-2017-7

SSI Staff. (2017, July 7). Hackers targeting nuclear facilities are suspected to be russian. Retrieved from http://www.securitysales.com/emerging-tech/cybersecurity-tech/hackers-targeting-nuclear-facilities-suspected-russian/

Statt, N. (2017, July 6). Hackers are targeting nuclear power plant operators in the US. Retrieved from https://www.theverge.com/2017/7/6/15932206/hackers-targeting-us-nuclear-power-plant-operators

Stonesifer, J. (2017, July 7). Beaver valley nuclear plant not affected by cyber security incident. Retrieved from http://www.timesonline.com/news/business/beaver-valley-nuclear-plant-not-affected-by-cyber-security-incident/

The Emporia Gazette. (2017, July 8). Wolf creek targeted by cyber attack. Retrieved from http://www.emporiagazette.com/news/article_27676f46-6af7-53e0-8885-7f46be5dc5de.html

The World Staff. (2017, July 7). Hackers have been targeting nuclear power plants in the US and abroad. Retrieved from https://www.pri.org/stories/2017-07-07/hackers-have-been-targetting-nuclear-plants-us-and-abroad

About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.

Featured Posts
Posts are coming soon
Stay tuned...
Recent Posts
Archive
Search By Tags
No tags yet.
Follow Us
  • Facebook Basic Square
  • Twitter Basic Square
  • Google+ Basic Square