A report from the FBI and the Department of Homeland Security warns of malware attacks targeting mainly nuclear power stations and energy facilities. The attacks started in May of this year.
These attacks have received an "amber" terrorism threat rating, the second highest threat rating available on the Department of Homeland Security's advisory system, and thus far appear to be credential spear phishing1 attacks attempting to map infiltrated networks. The attackers targeted employees at the affected energy organizations through phony resumes with embedded malware and watering hole attacks.2
Bloomberg reported that: "The chief suspect is Russia, according to three people familiar with the continuing effort to eject the hackers from the computer networks. One of those networks belongs to an aging nuclear generating facility known as Wolf Creek -- owned by Westar Energy Inc., Great Plains Energy Inc. and Kansas Electric Power Cooperative Inc. -- on a lake shore near Burlington, Kansas." 3 More information on this may be found here.
Footnotes
1. Credential spear phishing is an email-spoofing attack that targets a specific organization or individual, seeking unauthorized access to sensitive information, such as logon credentials.
2. A watering hole attack is a security exploit in which the attacker seeks to compromise a specific group of end users by infecting websites that members of the group are known to visit.
3. Michael Riley, Jennifer A. Dlouhy, Brian Gruley, Russians are Suspects in Nuclear Site Hackings, Sources Say, BLOOMBERG (July 6, 2017).
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
