Nuclear power facilities have been among the targets of multiple hacking attacks in the United States since May, disclosed in a joint report issued by the Department of Homeland Security and the FBI, the New York Times reports.
Other energy and manufacturing companies have been victim of the malware attacks, which have reportedly been in the form of spear phishing attempts on the personal computers of employees working for the plants. There is no evidence that the hacking attempts have penetrated control systems of the facilities themselves.
One such facility as identified in the report is a nuclear power plant in Burlington, Kansas, owned by the Wolf Creek Nuclear Operating Corporation. The company has said that the internal networks which actually keep the plant functioning are separate from the corporate network over which it conducts business.
The DHS-FBI report concludes that these hacks have been more like along the lines of a reconnaissance attempt to map out networks in advance of a possible future malicious attack.
Federal officials have assigned an “amber” level threat to these cyber intrusions, the second-highest in terms of severity. But “There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,” the report said, according to the Times.
The report did not identify a specific group or individual responsible, but described the techniques as similar to those conducted by state-level actors. Hackers used emails targeting senior level engineers at the plant with fake resumes laden with malicious code.
The report comes on the heels of a massive cyber-attack that affected business and infrastructure around the world last week. Dubbed ‘Not Petya’ after its initial confusion with another malware worm, it shut down critical systems primarily in Ukraine and Russia.
Not Petya, among others which have caused widespread damage, are allegedly variants of cyber weapons originally developed by the National Security Agency for penetration on foreign targets, such as Iran’s nuclear power facilities. The WannaCry attack in May is also linked to stolen NSA digital weapons.
Featured image courtesy of Emmelie Callewaert – Wikipedia