Utility and government officials were briefed a week ago about a cyberattack on the U.S. civilian nuclear power sector, a leading industry cybersecurity leader told the Energy Times today.
Reports of the attack have circulated in today’s New York Times and other media outlets recently.
“Obviously, we had briefings when these issues came up a week ago,” said Kevin Wailes, director of the Lincoln Electric System and co-chairman of the Electric Subsector Coordinating Council, the joint working group of the electric sector and the federal government that deals with cyber and physical threats to the electric grid.
Asked to rate the seriousness of the cyberattack at Wolf Creek on a scale of 1 to 10, Wailes declined.
“The key issue is these events did not affect operations,” he said.
The security of the vast electric grid serving America – including generation plants, thousands of miles of distribution and transmission lines as well as substations that honeycomb cities is a top priority of government security agencies as well as electric utilities and transmission companies.
In addition to daily probes of grid-tied computers by hostile foreign governments, terrorists, criminals and pranksters, there have been a few isolated physical attacks on key electric infrastructure, including a California substation.
Operators of the Wolf Creek nuclear plant in southeast Kansas and the Nuclear Energy Institute, which speaks for nuclear operators, said that the critical electronic systems controlling Wolf Creek were never compromised during the recent breach.
Jenny Hageman, plant spokeswoman, wrote via email, “We don’t make public comments about security issues, except to confirm there has been absolutely no operational impact to Wolf Creek. The reason that is true is because the operational computer systems are completely separate from the corporate network. The safety and control systems for the nuclear reactor and other vital plant components are not connected to business networks or the internet.”
Wolf Creek has been operating 32 years.
The NEI issued the following statement: “We are not aware of a cyber security incident impacting any of our facilities. Such an incident would be required to be reported to our regulator, the Nuclear Regulatory Commission, and would be an event of public notification."
According to news accounts, hackers believed to be based in Russia sent emails with fake resumes attached to apply for engineering jobs; the documents carried cyber tools that would allow further penetration of the attacked computer networks.
Computer systems controlling critical nuclear operations – and other key parts of the grid – are walled off from the public internet.
Several prominent voices, included noted television journalist Ted Koppel, have said that the government and the utility industry is not sufficiently prepared to thwart both physical and cyberattacks of the grid that could conceivably lead to major casualties and economic disruption of the United States.
In his recent book, “Lights Out,” Koppel wrote: “There is, as yet, no real sense of alarm attached to the prospect of cyber war…
… For the first time in the history of warfare, governments need to worry about force projections by individual laptop.”
“We take cybersecurity and cyber-hygiene very seriously,” Wailes said. “The key is everyone is working diligently.”
As for the most recent assault at Wolf Creek and possibly elsewhere, it is believed to be connected to the recent ransom ware cyberattacks that were wide-ranging across many sectors, Wailes said.
“The threats evolve. That is one of the challenges,” Wailes said. “We certainly believe that the systems all worked in this case.”