The Federal Bureau of Investigation and the United States Department of Homeland Security are alerting US electric power generators, including nuclear power plant operators, of cyberattacks on the nation's energy infrastructure by foreign-based hackers.
In a joint statement issued July 7, 2017, the nation's top security agencies said that they “are aware of potential cyber intrusion affecting entities in the energy sector."
The statement said that the cyberattack appears to be “limited to administrative and business networks,” but it is very likely part of an ongoing probe and broader research effort to identify vulnerabilites in cybersecurity for the electric power system including generators and the power grid. The North American Electric Reliability Corp. (NERC), an industry regulatory group organized to assure the reliability and security of the nation's bulk power system, is reported to be aware of the intrusion and communicating through its secure network. Unnamed government authorities have identified the Wolf Creek nuclear power station in Burlington, Kansas as one of the facilities that was probed by malware embedded in MicroSoft Word documents sent as fake resumes to onsite adminstrators. While no safety systems at the nuclear power station are believed to have been threatened by this cyberattack, it remains a growing concern that this intrusion was a test run for reconnisance conducted by an adversary.
Bloomberg News and other sources are reporting that Russian hackers are among the suspects responsible for probing the US energy facilities.
While nuclear power station safety systems by design are more or less isolated from an external cyberattack through the internet, the vulnerability of the electric grid that intially provides 100% of all electrical power to those same safety systems is no longer a theoritical concern. The electric grid is now potentially a cyber target potentially for broader military operations or punitive measures in retaliation for some U.S. action. Nuclear power stations are designed to respond to the loss of offsite power from the grid with the automatic startup of redundant onsite emergency power systems such as diesel generators. However, prolonged or recurring offsite power outages can challenge the durability and reliability of emergency power systems. Moreover, every table top and mock security training exercise for defending a nuclear power plant from an armed assault begins with first knocking out the electric grid. Without offsite power, the backup emergency power systems become part of an onsite target set for sabotage to cause a nuclear meltdown with widespread radioactive consequences.
US Senator Edward Markey (D-MA), top Democrat on the International Cybersecurity subcommittee, has now initiated an investigation. The subcommitte sent letters to the heads of the Department of Defense, Department of Energy, Department of Homeland Security, Federal Bureau of Investigation and the Nuclear Regulatory Commission about how the US is defending its nuclear power plants from foreign attacks and threats. The subcommittee is seeking answers on the number of nuclear plants that suffered attacks, who coordinates cybersecurity for nuclear power and recommendations for improving security. Markey has requested answers by Aug. 10.
Clearly, more needs to be done to fortify the electric grid system that nuclear power station safety systems and other power generators rely upon. Pre-attack measures could include building in more manual control of the grid and post-cyber attack measures include more sophisticated computer forensics. However, the priority must be to phase out these inherently dangerous and radiologically-enhanced targets and replace them with benign, sustainable and renewable solar and wind power generators.
The Asbury Park Press in New Jersey published a feature story on July 13, 2017 focusing on the Oyster Creek nuclear station and the cyberattacks on US nuclear power stations.