Russian government agents were behind a series of cyber-attacks targeting the business side of various nuclear companies within the U.S., according to a report Saturday from The Washington Post.
There is no evidence the hackers disrupted the core systems controlling operations at the plants, officials told WaPo. The Russian hackers broke into the administrative and business side of the companies’ tasks, so the public was not at risk, they said.
Saturday’s report, which was based entirely on anonymous reporting, comes after the FBI and Department of Homeland Security (DHS) noted that foreign actors were hacking into the business dealings of the U.S. energy industry in May. The agencies issued a joint alert June 28 stating that “advanced, persistent threat actors” were swiping network log-in and password information to gain a foothold in company networks.
Officials did not report the intrusions to the Nuclear Regulatory Commission at the time of the initial hacks, suggesting that the breach was not a matter of immediate concern.
Many U.S. nuclear reactors are operated in full analog mode with no digital inputs. Computers that aren’t connected to the internet manage some reactors, but they’re only there to monitor and increase efficiency.
The nuclear companies that were targeted say the intrusions were more of a nuisance than a signal of something more malicious.
Kansas-based Wolf Creek Nuclear Operating, for instance, issued a statement saying that “there has been absolutely no operational impact to Wolf Creek.” Wolf Creek has operational computer systems that are separate from the corporate network – the nation’s other 100 nuclear facilities have similar security measures.
“The safety and control systems for the nuclear reactor and other vital plant components are not connected to business networks or the Internet,” spokeswoman Jenny Hageman told reporters Saturday.
Cybersecurity firms appear to mirror Wolf Creek and Blee’s contentions.
“There’s no need for hype and hysteria, but this is an issue that should be taken seriously because of the state of the industrial networks,” Galina Antova, co-founder of the cyberfirm Claroty, said in a statement to WaPo.
But anonymous officials said the intrusions mark the first-time Russian agents are known to have slinked their way into the U.S. nuclear industry. They told WaPo that it could mean that Russia is intent on laying the ground for more damaging hacks.
Russian hackers disrupted Ukraine’s electrical system in 2015, plunging 225,000 customers into darkness during a cold winter month. Russia tested a cyber weapon last year in Kiev that was capable of disrupting power grids around the world.
WaPo’s report comes one day after President Donald Trump met with Russian President Vladimir Putin in Germany to discuss cyber security issues, as well as Russia’s role in meddling in the U.S. election. CNN reported prior to the meeting that Trump would not bring up the election hacking – the outlet’s reporting was based on anonymous sources. The president did, in fact, confront Russian President Vladimir Putin over election hacking.
Trump wrote a series of tweets Sunday morning, which revealed that he spoke to Putin about the possibility of forming an “impenetrable Cyber Security unit.” U.S. technology companies routinely share sensitive information with Russian agencies to gain access to the country’s lucrative tech market.
WaPo, The New York Times and other notable outlets have repeatedly relied on anonymous sources for reports detailing the Trump administration’s alleged ties to Moscow. Intelligence agencies would later dismiss as pure hokum some of these reports.
Former FBI Director James Comey, for example, said during congressional testimony in May that a bombshell Feb. 14 report in the New York Times was “almost entirely wrong.”
Read more at Daily Caller