Hackers have for weeks been targeting computer systems associated with U.S. nuclear facilities and power plants in a bid to glean information to use in subsequent cyberattacks, according to U.S. authorities.
The attempted penetrations began in May and were highlighted in an urgent, joint report issued by the Department of Homeland Security and FBI last week, The New York Times and Bloomberg reported Thursday after reviewing the warning.
At least a dozen U.S. power plants were successfully breached to some degree, Bloomberg reported, including Wolf Creek Nuclear Operating Corp. in Kansas.
In some instances, perpetrators attempted to breach targeted systems by sending attractive but malicious emails to senior industrial control engineers containing Microsoft Word attachments embedded with malware, the report said. Other times the hackers compromised legitimate websites visited by their targets or attempted to route their potential victims’ internet traffic through their own machines, The Times reported.
The DHS and FBI acknowledged the incidents in a statement Thursday but said “any potential impact appears to be limited to administrative and business networks.”
“There was absolutely no operational impact to Wolf Creek,” Wolf Creek spokeswoman Jenny Hageman told Bloomberg. “The reason that is true is because the operational computer systems are completely separate from the corporate network.”
“Regardless of whether malicious actors attempt to exploit business networks or operational systems, we take any reports of malicious cyber activity potentially targeting our nation’s energy infrastructure seriously and respond accordingly,” the Department of Energy said in its own statement Thursday.
The government’s June 28 report failed to positively identify the cyberattackers responsible but described the perpetrator as an “advanced persistent threat” actor, or APT — a term typically applied to sophisticated, state-sponsored hacking outfits.
Three individuals with knowledge of the government’s response said Russia is its main suspect, Bloomberg reported.
“We don’t pay attention to such anonymous fakes,” Kremlin spokesman Dmitry Peskov responded Thursday.
• Andrew Blake can be reached at ablake@washingtontimes.com.
Please read our comment policy before commenting.