The United States has admitted that hackers attacking its nuclear power plants have already succeeded. Not once, but twice over the past three years.
An investigation by the Nuclear Regulatory Commission (NRC), which oversees the US nuclear power grid, uncovered two incidents in which hackers were able to access its internal documents.
One of the hacking incidents, as reported by NextGov, involved emails sent to 215 NRC employees designed to steal their login details.
Approximately 12 employees ended up falling for it, according to the report, entering their username and password into a Google spreadsheet. The IG Cyber Crime Unit then tracked that spreadsheet to a user “in a foreign country” – though it is not clear who was behind the simple attack.
In another attempt, hackers embedded a URL in an email which linked to “a cloud-based Microsoft Skydrive storage site”, which itself hosted various malware designed to compromise computers. Other attacks involved breaking into the personal email account of an NRC employee and sending a virus-laden PDF file to other staff members.
Experts speaking to NextGov said that a foreign government was likely responsible.
“Clearly, the spearphishing is a technique that we’ve seen the Chinese and the Russians use before,” said Adam Segal, director of the digital and cyberspace policy program at the Council on Foreign Relations, to the website.
“Using the general logic, a nation state is going to be more interested in the NRC than you would imagine common criminals would be.”
But why hack the Nuclear Regulatory Commission, and not the power plants directly? NextGov reported:
“As the overseer of the U.S. nuclear power industry, NRC maintains records of value to overseas aggressors, including databases detailing the location and condition of nuclear reactors. Plants that handle weapons-grade materials submit information about their inventories to one such system, according to a 2000 IG report on efforts to protect critical infrastructure systems.”
Commission spokesman David McIntyre said that the NRC “detects and thwarts” the majority of these attempts, but admitted two had succeeded. It’s not known for sure what information, if any, was taken.