Hackers Are Targeting Nuclear Facilities

Megalith

24-bit/48kHz
Staff member
Joined
Aug 20, 2006
Messages
13,003
A report issued by Homeland Security and FBI states that hackers have been penetrating the computer networks of companies that operate nuclear power stations and other energy facilities, as well as manufacturing plants in the US and other countries, since May: one company targeted is Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kansas. The hackers were attempting to map out computer networks for future attacks, but investigators have not been able to analyze the malicious “payload” of the hackers’ code.

The joint report was obtained by The New York Times and confirmed by security specialists who have been responding to the attacks. It carried an urgent amber warning, the second-highest rating for the sensitivity of the threat. The report did not indicate whether the cyberattacks were an attempt at espionage — such as stealing industrial secrets — or part of a plan to cause destruction. There is no indication that hackers were able to jump from their victims’ computers into the control systems of the facilities, nor is it clear how many facilities were breached.
 
Last edited:

B00nie

[H]F Junkie
Joined
Nov 1, 2012
Messages
9,327
Can any country be stupid enough to keep nuclear plants open circuit?
 

fightingfi

2[H]4U
Joined
Oct 9, 2008
Messages
3,231
unplug all know pc's and laptops from the internet problem resolved.............turn off wifi electronics.........
 

RogueTadhg

[H]ard|Gawd
Joined
Dec 14, 2011
Messages
1,527
There's more than one way to hack a system. It doesn't have to be connected to the internet to be hacked. Social Engineering, for example, is probably being used extensively.
 

westrock2000

[H]F Junkie
Joined
Jun 3, 2005
Messages
9,360
What goes around, comes around.....

https://en.wikipedia.org/wiki/Stuxnet

6a0133f3a4072c970b01538f47259e970b-400wi.jpg
 

trparky

Gawd
Joined
Jul 23, 2009
Messages
971
I thought that most people (even hackers) had the sense not to hack something that could kill just about everyone on Earth if something went wrong? Or do these people just love to watch the world burn? In this case... it would be literal thing.
 

THRESHIN

2[H]4U
Joined
Sep 29, 2002
Messages
3,446
I thought that most people (even hackers) had the sense not to hack something that could kill just about everyone on Earth if something went wrong? Or do these people just love to watch the world burn? In this case... it would be literal thing.


Thankfully causing a meltdown or other catastrophic damage by virus isn't a possibility. The control computers are not networked, so it would have to be an employee putting a usb drive or something into the computer.

While that is a very distinct possibility, all of the reactor and turbine trips are independent of the computers. They don't even use computers, it's all mechanical and relays. There's nothing to get anything into.

I'd be more concerned with security and engineering data being stolen than anything. Not saying that this is a good scenario by any means.
 

sfsuphysics

[H]F Junkie
Joined
Jan 14, 2007
Messages
15,461
I thought that most people (even hackers) had the sense not to hack something that could kill just about everyone on Earth if something went wrong? Or do these people just love to watch the world burn? In this case... it would be literal thing.
Well as bad as it would be, if a nuclear plant had a meltdown "just about everyone on Earth" wouldn't be in danger, only those near by said power plant.

And yeah I say you go all Saudi Arabia with them if you catch them, chop off their fingers so they can't ever use a keyboard again.
 
Joined
Jan 17, 2007
Messages
624
Ive worked in nuclear plants, their networks are isolated and control systems arent connected to the internet. Also the usb drives are disabled on all servers amd systems. Mo one is getting in there.
 
Last edited:

vegeta535

[H]F Junkie
Joined
Jul 19, 2013
Messages
9,677
Well as bad as it would be, if a nuclear plant had a meltdown "just about everyone on Earth" wouldn't be in danger, only those near by said power plant.

And yeah I say you go all Saudi Arabia with them if you catch them, chop off their fingers so they can't ever use a keyboard again.
Honesty I would go for death if one is caught doing this. This not something to be messed around. Sure it wouldn't kill everyone in the world but still cause massive damage to the world.
 
Joined
Jan 8, 2003
Messages
558
Not really. The worst nuclear accident in history (Chernobyl) is responsible for an estimated 46 deaths from both short and long term effects. Fukushima's death toll was zero. Three Mile Island was zero. Fears of the effects of nuclear power is roughly a million times larger than its actual effects. eg, Greenpeace claims that nuclear energy kills a million people per year globally, the real number is about one. This makes nuclear power the safest of all available technologies, including wind and solar.

Unfortunately, the break-even point on profitability is too many years in the future and regulatory risk too high for private industry to be interested, so there's no moneyed interest with an incentive to dispel the myths and therefore silly fantasies of radioactive armageddon persist.
 

Cali3350

Supreme [H]ardness
Joined
Mar 22, 2002
Messages
4,701
Not really. The worst nuclear accident in history (Chernobyl) is responsible for an estimated 46 deaths from both short and long term effects. Fukushima's death toll was zero. Three Mile Island was zero. Fears of the effects of nuclear power is roughly a million times larger than its actual effects. eg, Greenpeace claims that nuclear energy kills a million people per year globally, the real number is about one. This makes nuclear power the safest of all available technologies, including wind and solar.

Unfortunately, the break-even point on profitability is too many years in the future and regulatory risk too high for private industry to be interested, so there's no moneyed interest with an incentive to dispel the myths and therefore silly fantasies of radioactive armageddon persist.

To be fair, the fears are well founded. A worst case disaster IS in fact as bad as people fear. Its just the chances of such a thing happening or so ridiculously small its overall probably the safest/cleanest power source we realistically have.
 
Joined
Jan 8, 2003
Messages
558
To be fair, the fears are well founded. A worst case disaster IS in fact as bad as people fear. Its just the chances of such a thing happening or so ridiculously small its overall probably the safest/cleanest power source we realistically have.
Chernobyl was actually worse than the current worst case scenario because that type of reactor is no longer in use and all other reactors of that type were retrofitted so that an accident of that type cannot happen. Fukushima used a very early reactor type that was considered unsafe even in 1961, TEPCO ignored the necessity of safety retrofits and falsified safety inspections, and it still took a one-two punch from Mother Nature to cause the meltdown. There was an oil refinery in the Fukushima prefect that was also hit by the tsunami and caused far more economic and environmental damage than the meltdown, yet it was barely even mentioned because there's no hysteria about oil power to generate clicks. In spite of that, the worst oil disasters like the Deepwater Horizon and Exxon-Valdez spills put even Chernobyl to shame.

Modern nuclear reactors are frequently designed in a way that they cannot melt down. I don't mean that it's unlikely, I mean that a meltdown event would violate the laws of physics. Rather, the events that would lead to a super-critical reactor instead causes the modern designs to shut down.
 

nysmo

Gawd
Joined
Jan 7, 2016
Messages
948
In spite of that, the worst oil disasters like the Deepwater Horizon and Exxon-Valdez spills put even Chernobyl to shame.
I'm sorry, how many people currently live in Chernobyl compared to how many people live near the Deepwater contaminated areas?
 

Uvaman2

2[H]4U
Joined
Jan 4, 2016
Messages
3,143
I think what we are going to find is some DOS computing exhibition in a museum is malfunctioning and trying connect to the network the computer used to belong to, when they boot it up in the morning.
 

Bandalo

2[H]4U
Joined
Dec 15, 2010
Messages
2,660
I'm sorry, how many people currently live in Chernobyl compared to how many people live near the Deepwater contaminated areas?

There's still a 20 mile radius exclusion zone around the plant, which is mostly forest these days. I think there's still ~200 residents that live INSIDE that area, that refused to move when the area was established.

The accident happened in '86. They kept operating the other reactors in the plant until late 2000 until they finally shut down due to lack of funding for upgrades and maintenance...So lots of people lived and worked there for a long time right afterwards.
 

Uvaman2

2[H]4U
Joined
Jan 4, 2016
Messages
3,143
There's still a 20 mile radius exclusion zone around the plant, which is mostly forest these days. I think there's still ~200 residents that live INSIDE that area, that refused to move when the area was established.

The accident happened in '86. They kept operating the other reactors in the plant until late 2000 until they finally shut down due to lack of funding for upgrades and maintenance...So lots of people lived and worked there for a long time right afterwards.
As much as we want to rhetorically fuck them for it, the more I read about it the more i realize the accident was well handled by the soviets. Btw i think the other reactors were operated remotely. Fukoshina though, not looking any better than Chernobyl... Maybe worse, plus they did the exact same thing as in Chernobyl, everything is okay everything is okay, the yes evacuate but just for a few days, no worries, then... Whoops we meant you can't come back! So were was the outrage then? No idea.. but the Soviet Union... Oh my God, decades of outrage... ' cause propaganda I guess.
 

Bandalo

2[H]4U
Joined
Dec 15, 2010
Messages
2,660
As much as we want to rhetorically fuck them for it, the more I read about it the more i realize the accident was well handled by the soviets. Btw i think the other reactors were operated remotely. Fukoshina though, not looking any better than Chernobyl... Maybe worse, plus they did the exact same thing as in Chernobyl, everything is okay everything is okay, the yes evacuate but just for a few days, no worries, then... Whoops we meant you can't come back! So were was the outrage then? No idea.. but the Soviet Union... Oh my God, decades of outrage... ' cause propaganda I guess.

It wasn't handled "well" really. They threw a lot of resources at the problem in a very short time. They HAD a lot of those resources available (men, trucks, helicopters, cement, etc). It was also a whole lot of chaos.

There's no "remote operation" of plants that complex. There's workers at the plants daily. Not IN the reactor compartments, but they're all over the nearby buildings.

Fukoshima was contained to a much, much, much smaller area, and will be cleaned up much sooner.

Most of the "outrage" was due to the radioactive plume (https://en.wikipedia.org/wiki/Chernobyl_disaster#Radioactive_release). This was airborne and spread across many other countries. The accident in Japan was limited to the immediate area of the plant, and then quite a bit of the surrounding coastline. The ocean distributed and diluted much of the contamination down to nearly undetectable levels.

So there's no "propaganda", there's only physics and the environment here.
 

YeuEmMaiMai

Fully [H]
Joined
Jun 11, 2004
Messages
31,560
A report issued by Homeland Security and FBI states that hackers have been penetrating the computer networks of companies that operate nuclear power stations and other energy facilities, as well as manufacturing plants in the US and other countries, since May: one company targeted is Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kansas. The hackers were attempting to map out computer networks for future attacks, but investigators have not been able to analyze the malicious “payload” of the hackers’ code.

The joint report was obtained by The New York Times and confirmed by security specialists who have been responding to the attacks. It carried an urgent amber warning, the second-highest rating for the sensitivity of the threat. The report did not indicate whether the cyberattacks were an attempt at espionage — such as stealing industrial secrets — or part of a plan to cause destruction. There is no indication that hackers were able to jump from their victims’ computers into the control systems of the facilities, nor is it clear how many facilities were breached.


Have you seen the control rooms of most reactors? very primitive and the computers you do see are not even connected to them

Nuclear-power-plant-control-room.jpg
 

Bandalo

2[H]4U
Joined
Dec 15, 2010
Messages
2,660
Have you seen the control rooms of most reactors? very primitive and the computers you do see are not even connected to them

True...the FBI and DHS are both clearly nothing but morons who have no idea what they're doing. We should just ignore this.
 

YeuEmMaiMai

Fully [H]
Joined
Jun 11, 2004
Messages
31,560
if you actually read the report, they were concerned with access or breaches of corporate networks not the facilities themselves, they could not even determine if any breaches occurred. Almost all of our nuclear plants are based off of 1970s tech so yeah, I am not putting much weight into the clickbait...
 

Bandalo

2[H]4U
Joined
Dec 15, 2010
Messages
2,660
if you actually read the report, they were concerned with access or breaches of corporate networks not the facilities themselves, they could not even determine if any breaches occurred. Almost all of our nuclear plants are based off of 1970s tech so yeah, I am not putting much weight into the clickbait...

I can assure you I know a bit more about nuclear power than the average person.

So, what gets stored on corporate networks? Personnel files...good way to compromise an insider. Equipment plans and schematics, security plans, etc...good way to plan a future attack. Maintenance schedules, parts lists, problem reports....good way to understand the weak points. The risk is not someone hacking the control panel and causing an immediate disaster. The risk is the future threat.

But, you know..it's just click-bait.
 

YeuEmMaiMai

Fully [H]
Joined
Jun 11, 2004
Messages
31,560
lol okay hackers are going to get into the control room and fuxxors up everything... got it... again click bait bub... anyone can be compromised but that is not the issue here... I am saying it is going to be damned near impossible for 1 person to intentionally screw something up in a control room.
 

Bandalo

2[H]4U
Joined
Dec 15, 2010
Messages
2,660
lol okay hackers are going to get into the control room and fuxxors up everything... got it... again click bait bub... anyone can be compromised but that is not the issue here... I am saying it is going to be damned near impossible for 1 person to intentionally screw something up in a control room.

Just for reference...The Chernobyl incident occurred with just 2 guys in the control room...
 

YeuEmMaiMai

Fully [H]
Joined
Jun 11, 2004
Messages
31,560
and just for reference they knowingly violated multiple procedures and were for the most part in agreement
 

Bandalo

2[H]4U
Joined
Dec 15, 2010
Messages
2,660
and just for reference they knowingly violated multiple procedures and were for the most part in agreement

Yep..so if the bad guys compromised an insider...or got into the personnel files and marked their "applicant" as "hired"...or any number of other things, they could cause some problems.

I know you're a smart dude...surely if the DHS and FBI view this activity as a serious threat, they must have some idea of the risk, right?
 

Bandalo

2[H]4U
Joined
Dec 15, 2010
Messages
2,660
again not likely to happen, quit making a mountain out of a grain of sand....

Yep..coordinated attacks by a sophisticated actor against US nuclear facilities...we should just toss that one out as clearly irrelevant. It's unlikely they'd succeed...so lets forget about it.
 

_l_

[H]ard|Gawd
Joined
Nov 27, 2016
Messages
1,151
here's a more recent photo. That guy standing there ... purley for the photo. How do I know this is so? Because he looks like he's actually paying attention...hehe. Nuke plants run themselves, little human intervention is needed. Has many fail-safes built-in to prevent a Chernobyl sized catastrophe (Three Mile Island came close though). Turned down a job offer at Diablo Canyon, CA in 93'. Interestingly, it's now the only active nuke plant in CA today and lo and behold, they built it smack dab on top of a major fault line.

image.jpg
 
Last edited:

DejaWiz

Fully [H]
Joined
Apr 15, 2005
Messages
21,633
Have you seen the control rooms of most reactors? very primitive and the computers you do see are not even connected to them

Nuclear-power-plant-control-room.jpg

Those are the manual fall-back controls. Everything those do, are also done by regular 'ole computers running proprietary control and monitoring software (and in many cases, a proprietary operating system). Those old controls aren't there out of requirement...they are there out of necessity in case of a computer system failure.
 
Last edited:

lcpiper

[H]F Junkie
Joined
Jul 16, 2008
Messages
10,611
Thankfully causing a meltdown or other catastrophic damage by virus isn't a possibility. The control computers are not networked, so it would have to be an employee putting a usb drive or something into the computer.

While that is a very distinct possibility, all of the reactor and turbine trips are independent of the computers. They don't even use computers, it's all mechanical and relays. There's nothing to get anything into.

I'd be more concerned with security and engineering data being stolen than anything. Not saying that this is a good scenario by any means.


Why are all the security cams on the East Fence showing the same rabbit running around but from the same angle ?


main-qimg-b0dcaf48a91f7d9ad9f64d5d7b6c4f60
 

Uvaman2

2[H]4U
Joined
Jan 4, 2016
Messages
3,143
Those are the manual fall-back controls. Everything those do, are also done by regular 'ole computers running proprietary control and monitoring software (and in many cases, a proprietary operating system). Those old controls aren't there out of requirement...they are there out of necessity in case of a computer system failure.
So, its the kind of thing that its discovered no one was trained for, after the meltdown.
 

termite

Supreme [H]ardness
Joined
Aug 27, 2004
Messages
5,766
Nuclear power plants are one of those facilities that should gave zero internet connection.

Zero.
 

DejaWiz

Fully [H]
Joined
Apr 15, 2005
Messages
21,633
So, its the kind of thing that its discovered no one was trained for, after the meltdown.

Not true...at least in the US. There's full stand-alone simulator systems that operators are trained on for functionality and disaster contingencies, and it's on-going training for purposes of refresh and new/changed processes, at that.
They don't pass the training, they don't get to keep their operator job.
 
Top