The U.S. Department of Energy said on Friday it is helping U.S. firms defend against a hacking campaign that targeted nuclear plants and power companies, saying the attacks have not impacted power production or the grid.
News of the attacks surfaced a week ago when Reuters reported that the U.S. Department of Homeland Security and Federal Bureau of Investigation issued a June 28 alert to industrial firms, warning them of hacking targeting the nuclear, power and critical infrastructure sectors.
“DOE is working with our government and industry partners to mitigate any impact from a cyber intrusion affecting entities in the energy sector,” a Department of Energy representative said in an email to Reuters. “At this time, there has been no impact to systems controlling U.S. energy infrastructure. Any potential impact appears to be limited to administrative and business networks.”
It was not clear who was responsible for the hacks. The joint report by the DHS and the FBI did not identify the attackers, though it described the hacks as “an advanced persistent threat,” a term that U.S. officials typically but not always use to describe attacks by culprits.
The DOE discussed its response to the attacks after Bloomberg News reported on Friday that the Wolf Creek nuclear facility in Kansas was among at least a dozen U.S. power firms breached in the attack, citing current and former U.S. officials who were not named.
A representative with the Wolf Creek Nuclear Operating Corp declined to say if the plant was hacked, but said it continued to operate safely.
“There has been absolutely no operational impact to Wolf Creek. The reason that is true is because the operational computer systems are completely separate from the corporate network,” company spokeswoman Jenny Hageman said via email.
A separate Homeland Security technical bulletin issued on June 28 included details of code used in a hacking tool that suggest the hackers sought to use the password of a Wolf Creek employee to access the network.
Hageman declined to say if hackers had gained access to that employee’s account. The employee could not be reached for comment.
The June 28 alert said that hackers have been observed using tainted emails to harvest credentials to gain access to networks of their targets.
“Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict,” the report said.
The DOE said it has shared information about this incident with industry, including technical details on the attack and mitigation suggestions.
“Security professionals from government and industry are working closely to share information so energy system operators can defend their systems,” the agency spokesperson said.
Earlier, the FBI and DHS issued a joint statement saying “There is no indication of a threat to public safety” because the impact appears limited to administrative and business networks.
A nuclear industry spokesman told Reuters last Saturday that hackers have never gained access to a nuclear plant.
(Reporting by Jim Finkle in Toronto, Scott DiSavino in New York and Timothy Gardner in Washington; Additional reporting by Dustin Volz in Washington and Joseph Menn in San Francisco; Editing by Bernard Orr)
Maersk says too early to predict financial impact of cyber attack
SHANGHAI Maersk said it was too early to predict the financial impact of last month’s global Petya cyber attack that hit the shipping giant’s computers and delayed cargoes, but added that normal operations had resumed at its ports.
U.S. judge allows Twitter lawsuit over surveillance to move forward
SAN FRANCISCO A U.S. judge ruled on Thursday that Twitter Inc could move forward with a lawsuit that aims to free technology companies to speak more openly about surveillance requests they receive from the U.S. government.