Hackers are targeting the networks of power plant operators in the U.S. and have been since May, according to reports citing the FBI and Homeland Security.
Specifically, the Wolf Creek Nuclear Power Plant in Kansas was among those targeted, according to a report by those agencies. The cyber attacks were rated “amber,” which is the second-highest rating of risk.
It is not immediately clear how the hackers gained access, how many facilities were compromised, or what the motive was. However, the agencies said these cyber attacks may have been probing attacks meant to map out network weaknesses for future attacks.
According to the New York Times, the techniques resemble those of Russian hacking group “Energetic Bear,” which use targeted emails with attachments.
The attachments, made to look like resumes sent in response to a job posting, contained malicious code and were sent to power plant engineers.
Also in May, President Donald Trump directed the federal government to strengthen the cybersecurity capabilities of government-controlled critical infrastructure. The executive order specifically mentioned attacks that might cause power outages.