American Nuke Plant Hacked by Russians, Says DOJ
While it has become rather obvious that the Russian military’s bark was way worse that its bite, there are still plenty of ways in which Russian actors can be devastating on the world’s stage.
One of the most effective avenues of attack for the Kremlin has been in cyberspace, and through the use of state-sponsored hackers. This includes some rather infamous incidents with the Colonial Pipeline and large-scale food factories.
This week, the DOJ is revealing that Russian cyber spies were also responsible for an attempted breach of the systems at a Kansas nuclear facility.
A nuclear power plant in eastern Kansas was one target of computer hackers organized by Russia’s spy agency as part of a large-scale international operation to seize control over critical infrastructure assets in the U.S., the Department of Justice alleged in an indictment unsealed Thursday.
Three agents with Russia’s Federal Security Service — Pavel Akulov, Mikhail Gavrilov and Marat Tyukov — face charges in the U.S. District of Kansas after a federal grand jury was convened last summer in Kansas City, Kansas. The agents are accused of computer fraud, wire fraud, identity theft and causing damage to the property of an energy facility.
The Wolf Creek Nuclear Operating Corporation, based in Burlington, is named in the indictment as one of hundreds of U.S. energy sector operations targeted by Russian intelligence. Through their efforts, the agents allegedly used a spearphishing method to compromise the company’s computer systems in which they sent emails while posing as employees.
The attack was complex and lengthy.
Between 2012 and 2017, the three Russian agents were allegedly part of a military unit that intruded computers and attacked supply chains. The conspiracy involved targeting software and hardware that controls power facility equipment, according to the indictment, and involved putting malware into software updates and other methods.
More than 17,000 unique devices in the U.S. and abroad installed the malware, the indictment says, creating backdoors that allowed hackers to scan the networks for more potential victims.