{"id":1813,"date":"2017-07-10T15:09:33","date_gmt":"2017-07-10T19:09:33","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=1813"},"modified":"2017-07-11T07:27:50","modified_gmt":"2017-07-11T11:27:50","slug":"hackers-target-us-nuclear-energy-networks-with-spearphising-attacks","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/","title":{"rendered":"Hackers Target US Nuclear Energy Networks With Spearphising Attacks"},"content":{"rendered":"

\"\"<\/p>\n

Hackers have attempted to gain access to the networks of\u00a0US-based nuclear power firms, as well as other energy sector businesses through a series of\u00a0\u00a0targeted spearphishing campaigns, according to a joint alert issued by the FBI and the Department of Homeland Security (DHS) on June 30th.<\/p>\n

In that alert, the FBI and DHS warned businesses in the energy sector that “advanced, persistent threat actors” were attempting to steal network log-in and password information for multiple energy companies, including those operating nuclear power plants, since May.<\/p>\n

The\u00a0hackers, who were unnamed in the alert, are purportedly using spearphishing emails to target energy\u00a0sector workers with emails containing\u00a0Microsoft Word attachments that look like r\u00e9sum\u00e9s from job applicants.\u00a0Attackers are also using watering hole attacks, though details on that attack vector were not made publicly available. The attackers are likely attempting to gain control of a privileged account<\/a> and jump from a corporate network to one containing controls for operational systems.<\/p>\n

However, Officials said there is no evidence the hackers\u00a0reached or otherwise disrupted those\u00a0core systems controlling operations at the plants, and that the public was not at risk.<\/p>\n

\u201cThere is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,\u201d the DHS and FBI said in a joint statement Friday.<\/p>\n

One of the targets of the attacks, Wolf Creek Nuclear Operating Corp. in Kansas, released statement saying that \u201cthere has been absolutely no operational impact to Wolf Creek.\u201d According to spokesperson Jenny Hageman,\u00a0\u201cthe safety and control systems for the nuclear reactor and other vital plant components are not connected to business networks or the Internet.\u201d<\/p>\n

Unnamed officials have since told Bloomberg<\/a> that The National Security Agency (NSA) has attributed activity targeting US energy firms to the FSB, a Russian spy agency, a detail left out by previous government reports on the attacks.<\/p>\n

 <\/p>\n

If the attacks were carried out by the Russians, this spearphishing campaign could be a signal that Russian state-sponsored hackers are looking to explore opportunities for devastating attacks on critical US infrastructure.<\/p>\n

Hackers working for Moscow previously carried out such an attacks on energy infrastructure in December 2015, when\u00a0\u00a0hackers disrupted the electric system in Ukraine, resulting in a loss of power for\u00a0225,000 customers.<\/p>\n

The disclosure of these attacks comes at an awkward time–President Trump and Russian President Vladimir Putin met Friday to discuss \u201cthe challenges of cyberthreats\u201d according to statements made by\u00a0Secretary of State Rex Tillerson to reporters. The two world leaders \u201cagreed to explore creating a framework\u201d to better deal with cyberthreats, according to Tillerson. On Saturday, Putin told reporters that he and Trump have agreed to set up a working group \u201con the subject of jointly controlling security in cyberspace.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"

Hackers have attempted to gain access to the networks of\u00a0US-based nuclear power firms, as well as other energy sector businesses through a series of\u00a0\u00a0targeted spearphishing campaigns, according to a joint alert issued by the FBI and the Department of Homeland Security (DHS) on June 30th. In that alert, the FBI and DHS warned businesses in […]<\/p>\n","protected":false},"author":24,"featured_media":1739,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[6,1],"tags":[530,404,532,435,86,436,531],"acf":[],"yoast_head":"\nHackers Target US Nuclear Energy Networks With Spearphising Attacks - Top Identity & Access Management Software, Vendors, Products, Solutions, & Services<\/title>\n<meta name=\"description\" content=\"Intruders did not access systems controls, but were likely Russian, according to anonymous sources.\u00a0\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Jeff Edwards\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/\",\"name\":\"Hackers Target US Nuclear Energy Networks With Spearphising Attacks - Top Identity & Access Management Software, Vendors, Products, Solutions, & Services\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2017\/05\/NSA-HQ-Day.jpg\",\"datePublished\":\"2017-07-10T19:09:33+00:00\",\"dateModified\":\"2017-07-11T11:27:50+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6\"},\"description\":\"Intruders did not access systems controls, but were likely Russian, according to anonymous sources.\u00a0\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2017\/05\/NSA-HQ-Day.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2017\/05\/NSA-HQ-Day.jpg\",\"width\":800,\"height\":350},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Hackers Target US Nuclear Energy Networks With Spearphising Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, & Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer's Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6\",\"name\":\"Jeff Edwards\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g\",\"caption\":\"Jeff Edwards\"},\"description\":\"Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.\",\"sameAs\":[\"https:\/\/solutionsreview.com\",\"https:\/\/x.com\/InfoSec_Review\"],\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/jedwards\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Hackers Target US Nuclear Energy Networks With Spearphising Attacks - Top Identity & Access Management Software, Vendors, Products, Solutions, & Services","description":"Intruders did not access systems controls, but were likely Russian, according to anonymous sources.\u00a0","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/","twitter_misc":{"Written by":"Jeff Edwards","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/","url":"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/","name":"Hackers Target US Nuclear Energy Networks With Spearphising Attacks - Top Identity & Access Management Software, Vendors, Products, Solutions, & Services","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2017\/05\/NSA-HQ-Day.jpg","datePublished":"2017-07-10T19:09:33+00:00","dateModified":"2017-07-11T11:27:50+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6"},"description":"Intruders did not access systems controls, but were likely Russian, according to anonymous sources.\u00a0","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2017\/05\/NSA-HQ-Day.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2017\/05\/NSA-HQ-Day.jpg","width":800,"height":350},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/hackers-target-us-nuclear-energy-networks-with-spearphising-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Hackers Target US Nuclear Energy Networks With Spearphising Attacks"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, & Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer's Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/3d31b4b6a777a91476a65c087be260e6","name":"Jeff Edwards","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/8471d2b63e0587b41d829ecc153ba8e7?s=96&d=mm&r=g","caption":"Jeff Edwards"},"description":"Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.","sameAs":["https:\/\/solutionsreview.com","https:\/\/x.com\/InfoSec_Review"],"url":"https:\/\/solutionsreview.com\/identity-management\/author\/jedwards\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/1813"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/24"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=1813"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/1813\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/1739"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=1813"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=1813"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=1813"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}