Hackers have been targeting companies that operate nuclear power stations around America, prompting the Department of Homeland Security and the FBI to issue an urgent warning about the severity of the threat, several media outlets reported on Thursday.
Both The New York Times and Bloomberg published details from a joint report released by the government agencies last month that described efforts by hackers to infiltrate the systems of nuclear facilities, including the Wolf Creek Nuclear Operating Corporation. The report did not provide details of the cyberattacks, but the Kansas-based Wolf Creek said its systems were not affected, according to the Times.
Both publications, citing security experts and U.S. officials, said the attacks could be used to disrupt the power grid, and DHS and the FBI sent out a warning to utility companies on June 28 about the potential for hacking.
The agencies said on Thursday that there is no current threat to the public.
“There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks,” DHS and the FBI said in a joint statement provided to the Times.
E&E News, a news site focusing on the energy industry, first reported that investigators were looking into multiple attacks on nuclear power generators this year. E&E said there was no evidence any systems had been compromised, but experts warned the existence of such threats points up the vulnerability of American power plants.
Last week, Reuters said hackers have been using phishing emails in an attempt to “harvest credentials” for various energy sector networks.
“Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict,” the report said, according to Reuters.
In 2016, the head of the International Atomic Energy Agency, the United Nations nuclear watchdog, warned of the potential for hacking at nuclear power plants worldwide, citing an effective attack that “caused some problems” two or three years prior.
“This is not an imaginary risk,” IAEA Director Yukiya Amano told Reuters in October. “This issue of cyber attacks on nuclear-related facilities or activities should be taken very seriously.”