Homeland Security and the FBI issued a joint warning about malware attacks targeting U.S. nuclear plants. The malware has been operating since May.
The Amber Alert, the second-highest alert level that DHS issues, said that the attacks, for the moment, are targeting employees’ personal computers as opposed to the isolated network that actually controls the nuke plants.
The FBI has not publicly identified the malware that is attacking the nuclear plants, but it has said that the malware is spear-phishing based.
They said that there is no evidence that information on plant operations was exposed. “No evidence” is different from saying that information was not exposed.
In theory, there is an “air gap” at nuclear plants between the administrative network (where engineers and others work) and the operational network (that actually controls the operations of the plant).
That is a great concept.
Unfortunately, like many concepts, it has only some basis in truth. “Some” means a LIMITED basis.
For example, many nuke plants pass data from the administrative network to the operational network using flash drives. That, for all intents and purposes, removes the isolation between the administrative and operational networks. That is, in fact, how Stuxnet destroyed the Iranian nuclear centrifuges. There is no reason that concept would not work in the U.S.
While DHS is not attributing the attacks for the moment, other sources are saying that the attacks look a lot like the attacks that the Russians have conducted over the last five years, so you figure it out.
And let’s not forget that President Trump suggested that we partner with the Ruskies to improve cyber security. That was before he faced an absolute unified attack from the left, right and center saying that such a partnership would be absolutely catastrophic.
DHS has said that these attacks are ongoing and are part of a much broader attack on the energy sector.
The concern is, of course, that one of these attacks could be successful. That would be pretty scary anywhere in the energy sector, from the oil field to electric distribution to nuclear generation.
Information for this post came from Ars Technica.