The Department of Homeland Security and FBI have issued a joint report providing details of malware attacks targeting employees of companies that operate nuclear power plants in the US, including the Wolf Creek Nuclear Operating Corporation, The New York Times reports. The attacks have been taking place since May, as detailed in the report issued by federal officials last week and sent out to industry.
Basically the same old infected email attachments attack, but this time its directed at nuclear plants. I mean, that’s pretty worrying isn’t it?
There is no evidence that information on plant operations was exposed. FBI and DHS analysts have not been able to determine the nature of the malware planted by the attempted hacks, which used a “spear-phishing” campaign targeting senior industrial control engineers at nuclear facilities. The tailored e-mails contained fake résumés and appeared to be from people seeking control engineering jobs, according to the report seen by the Times.
Attacks unofficially show signs of being from russian threat group “energetic bear”, known to target industrial control systems
attacks are similar in approach to those staged over the past five years by a “threat group” known by some researchers as “Energetic Bear“—a Russia-based campaign against energy sector targets. In those attacks, the malware implanted by the malicious e-mail attachments specifically targeted industrial control systems.