U.S. prosecutors unseal indictments tied to computer hack at Kansas nuclear plant – The Wellington Daily News

By Tim Carpenter Kansas Reflector

TOPEKA — Federal prosecutors unsealed indictments against four Russian government computer hackers who targeted global infrastructure in a campaign that included breach of the business network at Wolf Creek nuclear power plant in Kansas.

The U.S. Department of Justice said indictments made public Thursday charged Russian nationals with attempting, supporting and conducting computer intrusions that together, in two separate conspiracies, targeted software and hardware systems linked to the global energy sector between 2012 and 2018.

Prosecutors alleged the hacking campaigns targeted thousands of computers at hundreds of companies and organizations in the United States and in more than 135 countries. The indictments allege wire and computer fraud and identity theft.

U.S. Attorney Duston Slinkard of Kansas said potential of cyberattacks to disrupt, if not paralyze, the delivery of critical energy services to hospitals, homes, businesses and other locations was a sobering reality.

“We must acknowledge there are individuals actively seeking to wreak havoc on our nation’s vital infrastructure system, and we must remain vigilant in our effort to thwart such attacks,” Slinkard said.

According to indictments, the energy sector campaign involved two phases. In the first phase, which took place between 2012 and 2014, conspirators engaged in a supply chain attack, compromising computer networks of system manufacturers and software providers and then hiding malware inside legitimate software updates for such systems.

After unsuspecting customers downloaded infected updates, the conspirators used malware to create backdoors into infected systems and scan victims’ networks. Through these and other efforts, prosecutors allege conspirators installed malware on more than 17,000 unique devices in the United States and abroad, including controllers used by power and energy companies.

In the second phase, which transpired between 2014 and 2017, the conspirators transitioned to more targeted specific energy sector entities and individuals and engineers. The indictments say conspirators attacked more than 3,300 users at more than 500…