Slashdot Mirror
Hackers Targeting US Nuclear Power Plants, Report Finds (cnet.com)
For the past couple of months, hackers have breached the computer networks of companies that operate nuclear power facilities in the US, according to a new report from federal law enforcement officials. From a report: One of the companies targeted was the Wolf Creek Nuclear Operating Corporation, which operates a nuclear facility near Burlington, Kansas, according to a joint report issued last week by the FBI and Department of Homeland Security and described by The New York Times. The report carried an urgent amber warning, the second-highest rating for the severity of the threat, the Times reported. Organizations running the nation's energy, nuclear and other critical infrastructure have become frequent targets for cyberattacks in recent years. In a 2013 executive order, President Barack Obama called cyberattacks "one of the most serious national security challenges we must confront."
Okay this is not really that new. The tech community knews this was going on for sometime since power companies (for some crazy reason) are internet accessible. Even in the Snowden movie it was shown that the CIA was getting into power plants and hospitals of allies (now semi-allies?) for the purposes of "pressure" if they took actions the CIA decided it didn't like. So of course we've been targeted. Was probably one of the earlier targeted industries since the cyberwar with other countries started.
"Imagination is more important than knowledge" - Einstein
This is the advantage of the vintage of the U.S. nuclear fleet. The vast majority of the control systems, and just about all if not all safety-related control systems are electromechanical. There's nothing digital. You have to physically be there to screw with it. For those unfamiliar, the control logic doesn't use the fancy schmancy transistor, it uses electromechanical relays.
Plenty of plants have analog to digital converters that take process information for monitoring - even remotely, but these include diodes and such to isolate the system. Plus things like the business network, admin, HR, etc etc are Internet connected. Losing that would be a bad day for business, but the plant itself wouldn't care.
Are the control systems at plants not isolated from the outside world?
If not, why not?
It seems obvious that they should be.
Yes, they are isolated. But articles like this tend to hint that plants are hacked when in reality only the corporate business lans are involved in the attacked, not the isolated control systems. But headlines aren't so exciting if they reflect reality.
Headline says the power plants were targeted, summary says the companies were targeted.
The headline is BS. The Wolf Creek plant controls were not involved at all, just the corporate business network which is completely separate. The headline intentionally implies something that didn't happen.
Are the control systems at plants not isolated from the outside world?
If not, why not?
It seems obvious that they should be.
From TFA (yeah, I know; too bad TFS didn't mention this small detail): "The safety and control systems for the nuclear reactor and other vital plant components are not connected to business networks or the internet," Wolf Creek spokeswoman Jenny Hageman said in a statement. "The plant continues to operate safely."
I think I've seen this same misleading bullshit article title literally once a month since 9/11/01.
So the administrative (read: Windows) network got some malware at a nuke plant? Shocking. I'd honestly think I'd be more shocked if the headline said that a nuclear facility had never gotten its Windows network breached, because I've never seen one that hasn't been.
Now, if the article showed that someone was fucking with the reactors or other critical systems, I'd be worried. But every article for the last 16 years has always been this same kind of clickbait garbage.
Headline says the power plants were targeted, summary says the companies were targeted.
The headline is BS. The Wolf Creek plant controls were not involved at all, just the corporate business network which is completely separate. The headline intentionally implies something that didn't happen.
Taking headquarters out of the loop would be the best thing to happen to the plant, says this former operator.
I'm a consultant - I convert gibberish into cash-flow.
^You are talking off of assumptions, not experience. You could have checked just a little first, the link below an example of digital products that have been being installed in US nuclear plants for over that last 20 years. These systems don't need to be installed in containment where radiation levels are high, relay based controls are already installed in low rad environments.
http://www.westinghousenuclear...
Here is one on the Oconee Reactor Protection digital system, other plants are in the process of planning protection system digital upgrades;
http://www.power-eng.com/artic...
In addition, many US plants have installed digital control rod drive control systems. Once again, those controls are not located inside containment. You can walk right up to them, as most all controls, while the plant is running full power.
All the people saying control systems weren't affected seem too unconcerned about the long game. The hackers undoubtedly have better kompromat opportunities for deeper and better attacks now. An air-gapped system doesn't protect you when an employee has been blackmailed, bought, or duped.