No U.S. nuclear power plant has been penetrated in a cyber attack, an industry spokesman said on Saturday, when asked to comment on a U.S. government warning last week about a hacking campaign targeting the sector.
The U.S. Department of Homeland Security and Federal Bureau of Investigation said in a report dated Wednesday that nuclear sector was among those targeted in a hacking campaign data back to at least May.
Hackers used "phishing" emails to obtain credentials to gain access to networks of their targets, according to a report from the two agencies. “None of America’s 99 operating nuclear plants have been penetrated by a cyber attack," said John Keeley, a spokesman for industry trade group Nuclear Energy Institute. If a plant's operations had been breached, that would require mandatory notification to the Nuclear Regulatory Commission, which would notify the public, he said.
Those requirements do not cover cyber intrusions on business networks of firms that operate nuclear power plants, said Keeley. He said had no information as to whether such attacks had occurred. Nuclear Regulatory Commission spokesman Victor Dricks declined to comment on the joint report, saying the agency does not comment on security-related issues.
The report from the FBI and Homeland Security did not identify any victims or describe the impact hackers had on targeted networks. It did say that cyber attackers have historically "targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict." Homeland Security and FBI officials did not respond to requests for comment on the report, which was dated June 28.
Download SafeUM — communicate privately, without advertising and spam.
