Hackers breached at least a dozen US power plants in attacks in May and June, US media report, citing intelligence officials, BBC reports. The targets included the Wolf Creek nuclear facility in Kansas, according to several reports.
An urgent Department of Homeland Security (DHS) report indicated a foreign power, possibly Russia, was responsible, the New York Times said. The DHS document carried the second-highest threat rating, the Times said.
Wolf Creek Nuclear Operating Corp declined to say if the plant was hacked but said there had been “no operational impact” at the plant.
“The reason that is true is because the operational computer systems are completely separate from the corporate network,” spokeswoman Jenny Hageman told Reuters.
In a joint statement with the FBI, a spokesman for the Department of Homeland Security said there was “no indication of a threat to public safety”.
The hackers appeared to be attempting to map out computer networks for future attacks, according to the DHS report seen by the Times. They sent highly targeted emails to senior engineers at operating firms behind the nuclear plants, mimicking job applications but laced with malicious code, the newspaper said.
Officials told the Times that the techniques resembles those used by Russian specialists linked to previous attacks on energy facilities. US investigators accused Russia-based hackers of being behind a 2015 attack that caused blackouts across Ukraine.
Hacking is a tool increasingly deployed by nation states to infiltrate foreign industrial networks. The US and Israel reportedly used the now-infamous Stuxnet worm in an attempt to damage an Iranian nuclear facility.
The worm attacked the facility’s nuclear centrifuges by overriding the system and instructing them to spin much faster than intended, reportedly causing severe physical damage.