Skip to Content

Hackers Have Been Targeting U.S. Nukes

This could be the warm-up act for something larger.

A series of cyberattacks has been leveled at the computer networks of American nuclear power plants.

The New York Times reveals that the Department of Homeland Security and the Federal Bureau of Investigation have reported a number of hacks targeting companies that run U.S. energy facilities over the past two months, including the Wolf Creek nuclear plant in Kansas. 

The attacks appear to have used a variety of techniques to gain access to computer systems. They include phishing attacks, which sent malicious code inside Microsoft Word documents via e-mail, along with so-called watering hole attacks, which compromise websites known to be used by targeted staff members.

So far, it appears that hackers gained access to office computer systems but failed to take control of devices that are used to operate of any of the facilities. So right now, the hacks are worrying rather than dangerous. The reports do, however, suggest that the hackers may have been using the opportunity to map networks, which could be used as intelligence for future attacks.

It’s important to not overstate the threat posed by the hacks, which hit administrative systems rather than industrial control computers. It’s unclear what the motive behind the attacks was, but they nonetheless raise fears that hackers could at some point in the future shut down parts of the American energy grid, or, less likely, undermine safety systems on nuclear facilities.

The news adds to concerns raised by recent attacks on energy infrastructure in Ukraine, which were considered by many to be test runs for taking down facilities in other countries. Research suggests that some of the malware tools developed by hackers and used against Ukrainian systems could prove to be a potent threat to industrial systems around the world, though no link has yet been drawn to the new American hacks.

Currently it’s unclear who is responsible for the hacks. But according to three people familiar with the attacks that spoke to Bloomberg, “the chief suspect is Russia.” The Times, meanwhile, points out that the DHS and FBI say that it was carried out by an “advanced persistent threat”—which is usually shorthand for a hacking collective that’s supported by a nation state.

(Read more: New York Times, Bloomberg, “Ukraine’s Power Grid Gets Hacked Again, a Worrying Sign for Infrastructure Attacks,” “A Hack Used to Plunge Ukraine Into Darkness Could Still Do Way More Damage”)

Keep Reading

Most Popular

mouse engineered to grow human hair
mouse engineered to grow human hair

Going bald? Lab-grown hair cells could be on the way

These biotech companies are reprogramming cells to treat baldness, but it’s still early days.

Death and Jeff Bezos
Death and Jeff Bezos

Meet Altos Labs, Silicon Valley’s latest wild bet on living forever

Funders of a deep-pocketed new "rejuvenation" startup are said to include Jeff Bezos and Yuri Milner.

ai learning to multitask concept
ai learning to multitask concept

Meta’s new learning algorithm can teach AI to multi-task

The single technique for teaching neural networks multiple skills is a step towards general-purpose AI.

conceptual illustration showing various women's faces being scanned
conceptual illustration showing various women's faces being scanned

A horrifying new AI app swaps women into porn videos with a click

Deepfake researchers have long feared the day this would arrive.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.