US Warns Businesses of Hacking Campaign Against Nuclear, Energy Firms

Kacper Pempel/Reuters
A projection of cybercode on a hooded man is pictured in this illustration picture taken on 13 May 2017

The US government warned industrial firms about a hacking campaign targeting the nuclear and energy sectors, the latest event to highlight the power industry’s vulnerability to cyberattacks.

Since at least May, hackers used tainted phishing emails to harvest credentials so they could gain access to networks of their targets, according to a joint report from the US Department of Homeland Security and Federal Bureau of Investigation.

The report provided to the industrial firms was reviewed by Reuters on 31 June. While disclosing attacks, and warning that in some cases hackers succeeded in compromising the networks of their targets, it did not identify any specific victims.

“Historically, cyberactors have strategically targeted the energy sector with various goals ranging from cyberespionage to the ability to disrupt energy systems in the event of a hostile conflict,” the report said.

Homeland Security and FBI officials could not be reached for comment on the report, which was dated 28 June.

The report was released during a week of heavy hacking activity.

A virus dubbed NotPetya attacked on 27 June, spreading from initial infections in Ukraine to businesses around the globe. It encrypted data on infected machines, rendering them inoperable and disrupting activity at ports, law firms and factories.

Read the full story here.



Don't miss our latest HSE content, delivered to your inbox twice monthly. Sign up for the HSE Now newsletter.  If you are not logged in, you will receive a confirmation email that you will need to click on to confirm you want to receive the newsletter.





HSE Now is a source for news and technical information affecting the health, safety, security, environment, and social responsibility discipline of the upstream oil and gas industry.