“Nuclear 17” Hacker Group Believed to Have Breached US Nuclear Power Plant Network
Federal officials have launched an investigation into a cyber intrusion in which a group of hackers reportedly breached at least one US nuclear power plant. The source of the attack, and whether it’s related to the “Petya” ransomware infection launched earlier this week, are not yet clear.
Officials say the “Nuclear 17” breach was limited to the business side of the as-yet-unnamed plant, and E&E News reported that the attack wasn’t severe enough to trigger safety alerts from the International Atomic Energy Agency or the Nuclear Regulatory Commission.
Cybersecurity experts like Paulo Shakarian, founder of the CYR3CON security firm, say that although this breach has been contained, it has potentially dangerous implications for nuclear safety in the future.
“If a nuclear power facility is attacked on the business side, that might actually serve as a way of information-gathering,” Shakarian told Business Insider, explaining that sometimes hackers will attempt to “see if, by reaching that system, they can get more insight into what the facility is using on the operational side.”
“This could be a big danger and it could lead to another attack that could be more serious.”
Greg Martin, CEO of the cybersecurity firm JASK, called the breach “very scary” and “very severe,” noting that while it is good that hackers weren’t able to directly impact the plant’s infrastructure, the business side of a nuclear plant houses “tons of information about the more vulnerable infrastructure side of these types of plants,” including security assessments, emails, design plans, documents containing passwords and more.
Like Shakarian, Martin also believes that proprietary information hackers gather from this breach could be used to set up a more damaging attack in the future.
This comes on the heels of the major international cyberattacks “WannaCry” in May and “Petya” in June. Ukraine was hardest hit by Tuesday’s “Petya” attack, in which dozens of the country’s computer systems and private and state websites were frozen with the message “Ooops, your important files encrypted.” Victims were charged $300 in bitcoin to regain access. Affected systems included the state mail service, several banks and Ukrenergo, the largest state power distributor.