Hackers have reportedly been targeting the computer networks of companies that operate nuclear power plants and manufacturing facilities, as well as other energy firms, across the US and other countries.
The US Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) issued a joint report warning of the cyberattacks, which also carried an urgent amber warning.
It is still unclear whether the hackers succeeded in compromising the facilities' systems. The motive and severity of the attacks also remain unknown. Authorities investigating the matter have reportedly yet to identify the malware used in the cyberattacks. However, the attackers allegedly attempted to map out targets' networks for future intrusions.
The New York Times reported that one of the companies targeted by the hackers was Wolf Creek Nuclear Operating Corporation, which operates a nuclear power plant in Kansas. Wolf Creek officials reportedly said that none of their operating systems were affected and that their corporate network was different from the one used to run the plant.
The Times reported, citing two unspecified sources, that the people targeted by the hackers were industrial control engineers, who have direct access to systems that, when disrupted, could lead to explosions, spillage of hazardous material or fire.
The hackers reportedly sent malware-laced Word attachments in email messages to senior industrial control engineers, in an attempt to steal credentials and gain access to systems. The hackers also reportedly employed watering hole and MITM (man-in-the-middle) attacks in order to lure victims.
Nuclear and energy plants have recently come under threat from hackers. Over the past few years, cybercriminals have developed customised malware variants such as Industroyer and Irongate, which specifically target nuclear control systems.
The escalated threat means that companies running nuclear and energy plants are now under pressure to ramp up security measures. International governments have also taken to deeming power plants critical infrastructure to offer them additional security against potential cyberthreats.
Meanwhile, in this particular case, the identity and motive of the hackers are yet to be revealed. The scale of the attacks is also unknown so far.