The abilities of hackers seem to be increasing every day. The proof of this is the fact that recently, an unidentified hacker or a hacking group managed to breach at least one of the US nuclear power plants. The investigation of the breach is currently being conducted by federal officers.
It is currently unknown which plant is in question, but, according to E&E News, who reported the story first, there were many plants that were affected by cyber attacks this year. So basically, this was not the first time that something like this has happened.
The identity of an attacker is unclear as well, and so far, there is no confirmation if the breach was or was not connected to the Petya/GoldenEye malware that has been on a rampage since Tuesday.
What is known, however, is that the breach occurred on the business-associated side of the power plant. The origins of the hack is also a mystery at this point, at least for the public. It was code-named ‘Nuclear 17’, but it seems that there was no serious damage and that the threat did not deserve for public safety alarms to activate. So, according to all this, we can conclude that there is no immediate threat to the safety of people.
However, security experts say that this breach marks a new threat and that nuclear safety might be at risk from now on. Even this breach to the business side might have been done on the purpose of information gathering. Hackers are known to, from time to time, try to learn about the system by different means than simply attacking it and seeing what will happen. Another attack is expected, and that second one might be even more serious.
CEO of a cybersecurity company called JASK, Greg Martin, has said that this breach is as severe as it is scary. Despite the fact that the attack was actually contaminated, and that it wasn’t allowed to proceed, it still went way too far into the business part. Nobody knows just how much info do the hackers now have, or what is their ultimate goal.
The info in question includes emails, design plans, security assessments, documents that contain passwords, and even more sensitive data. Martin has also confirmed that this breach can lead to much more dangerous ones in the future. The fact that it was contained is great, but the next attack probably won’t be that easy to stop.
During such attacks in the past, the goal was obtaining information that can be used for spear phishing attacks. This means that the employees are the next target, which is why it is very important for them to learn how to recognize such attacks.
Tactics like these are often used, and they always have major consequences. The most recent ones came from NSA’s leaked report about Russian hackers interfering with the US election from last year.
As much as this thought is scary, it is way scarier when you think about what hackers can do now that they have details about the power plant. And if knowledge is power, they could be very powerful at the moment.