Senators want answers on risk of nuclear power plant hacks

Sen. Ed Markey is one of the lawmakers pressing federal agencies for info on efforts by foreign hackers to access computer networks at U.S. nuclear plants.

Alfred Ng Senior Reporter / CNET News

The FBI says this Kansas nuclear power plant was targeted for cyberattacks.


Congress has some nuclear concerns when it comes to cybersecurity.

On the heels of reports of foreign hackers trying to access computer networks at U.S. nuclear power plants, Massachusetts Sen. Edward Markey on Monday wrote a letter (PDF) to five federal agencies asking for more information about the attacks. 

Specifically, the top Democrat on the International Cybersecurity Policy subcommittee raised concerns with the heads of the Department of Defense, Department of Energy, Department of Homeland Security, Federal Bureau of Investigation and the Nuclear Regulatory Commission about how the US is defending its nuclear power plants from foreign attacks and threats.

Among other information, Markey wants to know the number of nuclear plants that suffered attacks, who coordinates cybersecurity for nuclear power and recommendations for improving security. He has requested answers by Aug. 10. 

On Friday, the FBI and DHS reported hackers have been targeting nuclear facilities in the US since May, and that the frequency and intensity have increased over the last two months.

Cybersecurity has become a growing concern as global ransomware and infrastructure-shutdown attacks continue to devastate the world. After the GoldenEye ransomware attack struck Ukraine, workers at the Chernobyl nuclear disaster site had to monitor radiation manually.

Politicians are concerned a similar cyberattack on US nuclear power plants could have disastrous results. Wolf Creek Nuclear Operating Corporation, which manages a power plant in Kansas, was one of the companies targeted by hackers in the attacks, according to the FBI.

The DHS pointed out the attacks were mostly on the business side, and that there were no threats to any operations or public safety. But Markey says there is still potential for future attacks.

"There is no guarantee that malicious code could not migrate to physical control systems through the errant or unauthorized use of removable storage devices," Markey wrote.

The breaches against Wolf Creek's nuclear power plant follow the methods of an Advanced Persistent Threat, one that hides in the background while it steals as many important documents, emails and user information as it can before it's detected.

It's able to attack critical infrastructure because much of it is "relying on outdated security systems with limited detection capabilities," Ken Spinner, the vice president of field engineering at security firm Varonis, said in an email.

The joint warning from the DHS and FBI has also resparked concerns from Washington Sen. Maria Cantwell, a top Democrat on the Senate Energy and Natural Resources Committee. In the last few months, she has been asking the Trump administration to bolster cybersecurity for critical infrastructure. But she's reportedly even more concerned in light of recent reports.

In a statement to CQ Roll Call, Cantwell called the attempts "disturbing," and signs that US rivals are "trying to take advantage of the very real vulnerabilities" of the US energy infrastructure.

Sen. Angus King, a Maine Independent, is pushing for a bill for the US to develop a strategy for cybersecurity and protect electric grids from future attacks.

While the attacks against the nuclear power plants may not be an imminent threat, they don't have to be, experts believe.

Michael Daniel, president of the Cyber Threat Alliance and cybersecurity czar under former President Barack Obama, said the report shows power plants are a critical target for hackers. He recommends agencies improve their communication and share more details about attacks to help prevent any future breaches.

Attacks against critical infrastructure are becoming a new norm, Amit Yoran, CEO of security company Tenable, said in an email. He recommends practicing better security common sense to help stop them.

"There will be other attacks. And they may be far more damaging. If this isn't a stark wake up call, I don't know what is," Yoran said.
