7 July 2017

Ghana: Tech - Hackers Breached At Least a Dozen Us Nuclear Power Sites - - and Officials Are Zeroing in On a Familiar Player

Tagged:

US officials have concluded that hackers working on behalf of a foreign power recently breached at least a dozen US nuclear power sites, Bloomberg reported on Thursday.

Bloomberg cited multiple US sources who said they had zeroed in on Russia as the primary suspect behind the most recent attacks, including one at Kansas' Wolf Creek nuclear facility.

Officials believe the attacks may be related to a separate hack that happened late last month, in which unidentified hackers infiltrated the business-associated end of the power plant. The name and location of that site were not released, but E&E News reported that federal investigators were looking into cyberattacks on multiple facilities at the time.

When reached for comment about the latest hacks, government officials and a spokesperson for Wolf Creek said the operational side of its network had not been affected.

"There was absolutely no operational impact to Wolf Creek," Jenny Hageman, a spokeswoman for the nuclear plant, said in a statement to Bloomberg News. "The reason that is true is because the operational computer systems are completely separate from the corporate network."

But the hacks have raised red flags for investigators who worry Russia may be gearing up to levy an attack against the US power grid. If that were the case, it would fit into a pattern adopted by Russia in the past, particularly as it relates to Ukraine.

In 2015, a massive cyberattack leveled against the country's power grid cut electricity to almost 250,000 Ukrainians. Cybersecurity experts linked the attack to IP addresses associated with Russia. Since then, Wired magazine's Andy Greenberg reported, Ukraine has seen a growing crisis in which an increasing number of Ukrainian corporations and government agencies have been hit by cyberattacks in a "rapid, remorseless succession."

Russian President Vladimir Putin attends a meeting with Japanese foreign minister Fumio Kishida in St. Petersburg, Russia, December 2, 2016.

Ukraine is now host to what may turn into a full-blown cyberwar, Greenberg reported. Two separate attacks on the country's power grid were part of what Greenberg called a "digital blitzkrieg" waged against it for the past three years, which multiple analysts have connected to Russian interests.

With respect to the recent cyberattacks on US nuclear facilities, the Department of Homeland Security and Federal Bureau of Investigation said they were aware of the intrusions.

"There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks," the agencies said in a statement.

But cybersecurity experts say that once a system is breached in any way -- even if it's not on the operational side -- nuclear safety could be at risk down the road.

"If a nuclear power facility is attacked on the business side, that might actually serve as a way of information-gathering" for hackers, Paulo Shakarian, founder of the cybersecurity firm CYR3CON, told Business Insider. In some cases, hackers will try to "see if, by reaching that system, they can get more insight into what the facility is using on the operational side," Shakarian said.

Though nuclear power providers have rigorous practices in place to divide business and nuclear operations in their networks, experts say an attack on one could inform an attack on the other.

Greg Martin, the CEO of cybersecurity firm JASK, said that while it was "wonderful" that network segmentation prevented hackers from being able to attack critical infrastructure directly, "the business side has tons of information about the more vulnerable infrastructure side of these types of plants."

That information can include emails; communications involving design plans; information about security assessments; emails or documents that contain passwords; and more. Martin echoed Shakarian's assessment and added that some information that can be gleaned from a breach like this can open up a window that "can be used to set up for future, more damaging attacks just based on the proprietary information they're able to steal."

These latest suspicions towards Russia come on the heels of a colossal cyberattack that crippled countries and corporations across the globe, which cybersecurity experts said Russia may have perpetrated.

Russia was also found to have hacked the 2016 US election in an effort to damage then-candidate Hillary Clinton's campaign and tilt the election in favor of Donald Trump. Russia has so far denied all the charges against it.

Ghana

'Democracy Will Succeed If We Build a Prosperous Nation' - President Akufo-Addo

The President of the Republic, Nana Addo Dankwa Akufo-Addo, says the democracy Ghanaians intend to build and entrench… Read more »

Copyright © 2017 Business Day Ghana. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 900 reports a day from more than 140 news organizations and over 500 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.