Tag: nuclear | Page 4

Computer Security Approaches to Reduce Cyber Risks in the Nuclear Supply Chain

December 16, 2022/in Computer Security

Description

Computer security in the nuclear supply chain is an important element of risk management. Nuclear facilities and operations rely upon complex networks of suppliers, vendors, and integrators to provide digital technology, services, and support. This provides a supply chain attack surface that may be exploited to compromise nuclear facilities, operations, and secure environments. Compromise of the supply chain may provide a means to circumvent computer security measures that are in place to protect these critical systems, therefore a defence-in-depth approach that involves people, processes, and technology is needed.
The purpose of this publication is to assist Member States in raising awareness of cyber risks in the nuclear supply chain and help to identify critical issues and mitigation techniques. The aim is to reduce the supply chain attack surface by providing information, good practices, and mitigation techniques through all phases of the supply chain including design, hardware and software development, testing, transportation, installation, operation, maintenance and decommissioning of nuclear computer-based systems.

More Information on reusing IAEA copyright material.

Related publications

2022

2021

2016

…

Source…

Crypto hacking behind N. Korea’s renewed nuclear ambition

December 7, 2022/in Internet Security

Crypto hacking behind N. Korea’s renewed nuclear ambition (The Korea Herald)

Borders were closed and trade was cut off while international sanctions continued throughout the COVID-19 pandemic, further isolating North Korea, one of the world’s most impoverished nations. But its regime has discovered new ways of raking in funds to continuously pursue its missile ambitions and divert sanctions and regulations at the same time — via hacking cryptocurrencies.

The online theft of cryptocurrency has allowed Pyongyang free access to the new but less regulated financial system operated on blockchain technology, believed to be unhackable, through manipulation techniques that exploit human error to trick people into giving up confidential information or to download malware-ridden files.

Through such highly engineered methods, North Korean hackers have been channeling billions of dollars into the secluded regime’s pockets, according to experts from the US and South Korea.

It has become an efficient means to cover the astronomical costs of missile launches and nuclear tests for North Korea, with a gross national income that stands at 36.3 trillion won ($27.7 billion) — about 1.7 percent that of South Korea.

The pandemic has pushed the North Korean regime to further rely on cybertheft, allowing Kim Jong-un to expand his nuclear program without having to engage with the outside world.

“North Korea has engaged in a string of illicit moneymaking schemes over the decades, from manufacturing methamphetamine to counterfeiting $100 bills, and crypto theft is the latest,” said Jean Lee, a fellow at the Wilson Center in Washington and co-host of the “Lazarus Heist” podcast from the BBC World Service.

“Cryptocurrency is incredibly appealing for North Korean hackers because it promises the potential for huge gains — and remains largely unregulated.”

North Korea’s cryptocurrency theft — which began in 2017 — has begun to take center stage this year as it has fired a record-breaking number of missiles at unprecedented speed and geared up for another nuclear test despite its still-sluggish economic conditions.

This year alone, North Korea has so far fired around 90 missiles, including…

Source…

Russian military spies hacked Kansas nuclear power plant

April 15, 2022/in Computer Security

Russian military officers are charged with combined 20 counts alleging conspiracy, computer fraud, wire fraud and identity theft. Among the list of victims was Wolf Creek Nuclear Operating Corporation in Burlington.

Hackers in a military unit of a Russian spy agency are accused of cybercrimes targeting a nuclear power plant in Kansas five years ago.

Russian military officers Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov and Marat Valeryevich Tyukov are charged with a combined 20 counts alleging conspiracy, computer fraud, wire fraud and identity theft.

All three work for the Federal Security Service, also known as the FSB, which is a domestic intelligence agency with close ties to President Vladimir Putin. The FSB officers worked for a discrete operational unit within Center 16, which is also known as Military Unit 71330.

The 36-page grand jury indictment, filed Aug. 26, 2021 in U.S. District Court in Kansas City, Kan., was unsealed Thursday. The Federal Bureau of Investigation and federal prosecutors summarized the allegations in a news release.

“Russian state-sponsored hackers pose a serious and persistent threat to critical infrastructure both in the United States and around the world,” Deputy Attorney General Lisa Monaco said. “Although the criminal charges unsealed today reflect past activity, they make crystal clear the urgent ongoing need for American businesses to harden their defenses and remain vigilant.”

More:Nuclear war, gas prices and Kansas soldiers among Jerry Moran’s thoughts on Russia’s invasion of Ukraine

Hackers wanted access to U.S. energy sector network

The goal of the hackers was to establish and maintain unauthorized access to computers and networks in the U.S. energy sector, enabling the Russian government to disrupt and damage the systems. They targeted hundreds of companies between 2012 and 2017.

The indictment alleges the three military officers were part of a team that specifically targeted the software and hardware that controls equipment in power generation facilities.

Source…

Exposing the Russian spies who attempted to hack a Kansas nuclear plant | KCUR 89.3

April 9, 2022/in Computer Security

Three young Russian spies, Pavel, Mikhail and Marat, working from computers in a 27-story skyscraper at 12 Prospekt Vernadskogo in Moscow, over five years targeted the Wolf Creek nuclear power plant in Burlington, Kansas.

They were on a sophisticated cyber reconnaissance mission to learn about the inner workings of the plant to prepare for a possible precision electronic assault by the Russians.

That is the story that broke March 24, when the U.S. Department of Justice suddenly and somewhat mysteriously unsealed an indictment against the hapless trio. The indictment was filed under seal on Aug. 26, 2021, in the U.S. District Court in Kansas City, Kansas, and lay gathering dust for seven months.

Context matters, and in this case it explains why the Sunflower State and its lone nuclear plant have been woven into a saga laced with John le Carré spy novel overtones.

The bloody context is the devastating war Russia launched weeks ago against Ukraine. It also includes the remarkably successful psychological warfare ops that the Biden administration and its Western European allies have thrown at Russian President Vladimir Putin and his war machine.

James Lewis, a nuclear cybersecurity expert, said that the DOJ indictment probably was unsealed in Kansas now because the Biden administration has fresh intelligence about the Russians and it wants those overseeing America’s critical infrastructure to be on heightened alert.

“Maybe the Russians are giving more consideration to a cyberattack than in the past. It is driven by what the Russians are up to,” said Lewis, director of the Strategic Technology Program of the Center for Strategic & International Studies in Washington.

Wolf Creek, completed in 1985, is located about 100 miles southwest of Kansas City. Evergy, formerly Kansas City Power & Light, owns 94% of Wolf Creek and the balance is owned by the Kansas Electric Power Cooperative.

A nuclear plant by a cooling pond — The Wolf Creek nuclear power plant near Burlington, Kansas.

Evergy declined to discuss the Russian cybersecurity attack on Wolf Creek. Their statement…

Source…

Tag Archive for: nuclear

Description

Related publications