Russian Cyber Attack on US Nuclear Power Stations

A report from the FBI and the Department of Homeland Security warns of malware attacks targeting mainly nuclear power stations and energy facilities. The attacks started in May of this year.

These attacks have received an “amber” terrorism threat rating, the second highest threat rating available on the Department of Homeland Security’s advisory system, and thus far appear to be credential spear phishing [1] attacks attempting to map infiltrated networks. The attackers targeted employees at the affected energy organizations through phony resumes with embedded malware and watering hole attacks. [2]

Bloomberg reported that: "The chief suspect is Russia, according to three people familiar with the continuing effort to eject the hackers from the computer networks. One of those networks belongs to an aging nuclear generating facility known as Wolf Creek -- owned by Westar Energy Inc., Great Plains Energy Inc. and Kansas Electric Power Cooperative Inc. -- on a lake shore near Burlington, Kansas.” [3] More information on this may be found here.

[1] Credential spear phishing is an email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information, such as logon credentials.
[2] A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit.
[3] Michael Riley, Jennifer A. Dlouhy, Brian Gruley, Russians are Suspects in Nuclear Site Hackings, Sources Say, BLOOMBERG (July 6, 2017).

This blog was written by Ajay Jagtiani at Miles & Stockbridge.

Opinions and conclusions in this post are solely those of the author unless otherwise indicated. The information contained in this blog is general in nature and is not offered and cannot be considered as legal advice for any particular situation. Accessing this blog and reading its content does not create an attorney-client relationship with the author or with Miles & Stockbridge. The author has provided the links referenced above for information purposes only and by doing so, does not adopt or incorporate the contents. Any federal tax advice provided in this communication is not intended or written by the author to be used, and cannot be used by the recipient, for the purpose of avoiding penalties which may be imposed on the recipient by the IRS. Please contact the author if you would like to receive written advice in a format which complies with IRS rules and may be relied upon to avoid penalties.