Tag Archive for: plant

Exposing the Russian spies who attempted to hack a Kansas nuclear plant | KCUR 89.3

/in


Three young Russian spies, Pavel, Mikhail and Marat, working from computers in a 27-story skyscraper at 12 Prospekt Vernadskogo in Moscow, over five years targeted the Wolf Creek nuclear power plant in Burlington, Kansas.

They were on a sophisticated cyber reconnaissance mission to learn about the inner workings of the plant to prepare for a possible precision electronic assault by the Russians.

That is the story that broke March 24, when the U.S. Department of Justice suddenly and somewhat mysteriously unsealed an indictment against the hapless trio. The indictment was filed under seal on Aug. 26, 2021, in the U.S. District Court in Kansas City, Kansas, and lay gathering dust for seven months.

Context matters, and in this case it explains why the Sunflower State and its lone nuclear plant have been woven into a saga laced with John le Carré spy novel overtones.

The bloody context is the devastating war Russia launched weeks ago against Ukraine. It also includes the remarkably successful psychological warfare ops that the Biden administration and its Western European allies have thrown at Russian President Vladimir Putin and his war machine.

James Lewis, a nuclear cybersecurity expert, said that the DOJ indictment probably was unsealed in Kansas now because the Biden administration has fresh intelligence about the Russians and it wants those overseeing America’s critical infrastructure to be on heightened alert.

“Maybe the Russians are giving more consideration to a cyberattack than in the past. It is driven by what the Russians are up to,” said Lewis, director of the Strategic Technology Program of the Center for Strategic & International Studies in Washington.

Wolf Creek, completed in 1985, is located about 100 miles southwest of Kansas City. Evergy, formerly Kansas City Power & Light, owns 94% of Wolf Creek and the balance is owned by the Kansas Electric Power Cooperative.

A nuclear plant by a cooling pond

U.S. Nuclear Regulatory Commission

/

The Wolf Creek nuclear power plant near Burlington, Kansas.

Evergy declined to discuss the Russian cybersecurity attack on Wolf Creek. Their statement…

Source…

Hack the Plant Episode 20: Training the Cyber Workforce of the Future

/in


“You can only cover about 65% of the cybersecurity workforce demand with the existing workforce today. So we need to do something to address that gap. We need to either build that workforce or re-skill existing individuals that are looking to get into new fields. That’s the approach that we’re taking. So the need is there. We know that cyber risk is there. We know that adversaries are constantly re-skilling and skilling up as well. And we need to build a protective workforce around that.” – John Ellis

In this episode of Hack the Plant, we feature John Ellis, who heads up the Industrial Cyber Alliances at Siemens Energy.  We discuss a new, industry-lead apprenticeship program he runs which focuses on critical infrastructure protection called CIISAp (short for: Cybersecurity & Industrial Infrastructure Security Apprenticeship Program).

ICS village is one of the partners of this program, which is tackling the gap between shortage of skilled employees and the workforce

How is the cohort designed? How can we encourage collaboration tech companies, service companies, academia, and government to train the cyber workforce of the future?

Join us to learn more.

(Subscribe to Hack the Plant on Spotify or Apple, by RSS feed or search for it wherever you listen to podcasts.)

TRANSCRIPT

Joshua Corman: 

Our dependence on connected technology is growing faster than our ability to secure it, especially in areas affecting public safety and human life.

Bryson Bort: 

I’m Bryson Bort. And this is Hack the Plant. Electricity, finance, transportation, our water supply. We take these critical infrastructure systems for granted, but they’re all becoming increasingly dependent on the internet to function. Every day I ask and look for answers to the questions. Does our connectivity leave us more vulnerable to attacks by our enemies? I’m a senior fellow at the R street Institute and the co-founder of the nonprofit ICS Village, educating people on critical infrastructure security with hands-on examples, not just nerd stuff. I founded GRIMM in 2013, a consultancy that works the front lines of these problems every day for clients all over the world.

[SPEAKER]: 

It’s…

Source…

U.S. prosecutors unseal indictments tied to computer hack at Kansas nuclear plant – The Wellington Daily News

/in


By Tim Carpenter Kansas Reflector

TOPEKA — Federal prosecutors unsealed indictments against four Russian government computer hackers who targeted global infrastructure in a campaign that included breach of the business network at Wolf Creek nuclear power plant in Kansas.

The U.S. Department of Justice said indictments made public Thursday charged Russian nationals with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted software and hardware systems linked to the global energy sector between 2012 and 2018.

Prosecutors alleged the hacking campaigns targeted thousands of computers at hundreds of companies and organizations in the United States and in more than 135 countries. The indictments allege wire and computer fraud and identity theft.

U.S. Attorney Duston Slinkard of Kansas said potential of cyberattacks to disrupt, if not paralyze, the delivery of critical energy services to hospitals, homes, businesses and other locations was a sobering reality.

“We must acknowledge there are individuals actively seeking to wreak havoc on our nation’s vital infrastructure system, and we must remain vigilant in our effort to thwart such attacks,” Slinkard said.

According to indictments, the energy sector campaign involved two phases. In the first phase, which took place between 2012 and 2014, conspirators engaged in a supply chain attack, compromising computer networks of system manufacturers and software providers and then hiding malware inside legitimate software updates for such systems.

After unsuspecting customers downloaded infected updates, the conspirators used malware to create backdoors into infected systems and scan victims’ networks. Through these and other efforts, prosecutors allege conspirators installed malware on more than 17,000 unique devices in the United States and abroad, including controllers used by power and energy companies.

In the second phase, which transpired between 2014 and 2017, the conspirators transitioned to more targeted specific energy sector entities and individuals and engineers. The indictments say conspirators attacked more than 3,300 users at more than 500…

Source…

Kansas’ Wolf Creek nuclear power plant hack serves as a warning

/in


Former Burlington Mayor and Coffey County Commissioner Gene Merry remember the news about a hack of the Wolf Creek Nuclear Power facility’s computer system in 2017. At the time, the FBI and Homeland Security said the hack was aimed at corporate computers, not the ones that run the plant.Until Thursday, Merry did not know Russian FSB officers devised that intrusion.”It’s good to know,” Merry said. The longtime Burlington businessman and public official reiterated full confidence in the team at the nuclear power facility, operated by Evergy, one day after federal prosecutors revealed three Russian Federal Security Service (FSB) officers targeted the plant in 2017.Evergy released a statement Thursday saying at no point did attackers ever gain access to the cyber systems that operate the facility or power grid.”I have all the faith in the world of this security at the plant and the safety of the plant,” Merry said.Still, Merry said it is a good reminder for everyone to remain on guard, especially now with the War in Ukraine.A cybersecurity expert agrees.”There will be more and more this kind of attack coming up in the future,” said Yongzhi Joe Wang, assistant professor of computer science and information systems at Park University.Wang said the Wolf Creek hack should remind the energy sector along with companies everywhere to make sure they have the most upgraded software and education about malware attacks for employees.He also said cybersecurity insurance is important for companies.”Then, at least they can get some payment from the insurance company,” he said.The Wolf Creek hacking incident is just one of more than 17,000 hacks into unique devices in the United States and around the world, according to the federal indictment released Thursday.

COFFEY COUNTY, Kan. —

Former Burlington Mayor and Coffey County Commissioner Gene Merry remember the news about a hack of the Wolf Creek Nuclear Power facility’s computer system in 2017.

At the time, the FBI and Homeland Security said the hack was aimed at corporate computers, not the ones that run the plant.

Until Thursday, Merry did not know Russian FSB officers devised that intrusion.

“It’s good to know,”…

Source…