FBI-DHS warns of attacks on nuke plant operators

[zxsq]

Quote

The Department of Homeland Security and FBI have issued a joint report providing details of malware attacks targeting employees of companies that operate nuclear power plants in the US, including the Wolf Creek Nuclear Operating Corporation, The New York Times reports. The attacks have been taking place since May, as detailed in the report issued by federal officials last week and sent out to industry.

Basically the same old infected email attachments attack, but this time its directed at nuclear plants. I mean, that's pretty worrying isn't it?

Quote

There is no evidence that information on plant operations was exposed. FBI and DHS analysts have not been able to determine the nature of the malware planted by the attempted hacks, which used a "spear-phishing" campaign targeting senior industrial control engineers at nuclear facilities. The tailored e-mails contained fake résumés and appeared to be from people seeking control engineering jobs, according to the report seen by the Times.

Attacks unofficially show signs of being from russian threat group "energetic bear", known to target industrial control systems

Quote

attacks are similar in approach to those staged over the past five years by a "threat group" known by some researchers as "Energetic Bear"—a Russia-based campaign against energy sector targets. In those attacks, the malware implanted by the malicious e-mail attachments specifically targeted industrial control systems.

 

Original article from ars technica

[Guest]

 

[Billy_Mays]

6 minutes ago, Dutch-stoner said:

 

What the hell is that song?

[Guest]

Dunno @Billy_Mays, but it's funny + russian + about energy. (that band has several moar funny/strange songs/clips)

[Billy_Mays]

7 minutes ago, Dutch-stoner said:

Dunno @Billy_Mays, but it's funny + russian + about energy. (that band has several moar funny/strange songs/clips)

Yeah there's some strange stuff out there now

[Guest]

@Billy Mays While it was already up there in 2013...

[mynameisjuan]

Glad that after the whole XP on the british navy thread and people bashing me because "why would control panels to a nuclear sub be connected to the internet"..."they cant get infected because their IT staff knows more than you ever will"....And yet this article is release shortly after.

 

Ill say it again. People are fucking idiots. Security is only as good as the person using the pc. 

[zxsq]

Just now, mynameisjuan said:

Glad that after the whole XP on the british navy thread and people bashing me because "why would control panels to a nuclear sub be connected to the internet"..."they cant get infected because their IT staff knows more than you ever will"....And yet this article is release shortly after.

 

Ill say it again. People are fucking idiots. Security is only as good as the person using the pc. 

Well, it was made clear in the article that these are administrative PCs, not controls ones. The theoretical method of attack for the controls pc continues to be infectrd USB drives, and that is more difficult now, after stuxnet made everyone aware of usb drives, and autoplay was disabled.

 

And WRT the "XP on warships",

Quote

These XP machines are mostly part of system running Ballasting (managing water in ballast tanks ). Softwares which manages ballasting are pretty legacy and rarely see a update due to all regulations they have to pass. And 99% of times these systems are not on any network and if they are on network, they have a separate hardware firewall.
So if something is stable even if its old its not always bad.

Just compare all that to running nuclear arsenal on 5 inch floppy disc and  DOS based systems.

-Amrit2022 on Spiceworks

 

[elfensky]

57 minutes ago, Billy_Mays said:

What the hell is that song?

_german
Do you want more or is that your intoxication speaking?
The Russians are here after a day's march,
Let's go along with the energy exchange,
Come on everybody move your ass!
_russian
Move your shoulders - ye
Hands & feet - ye
Move yo hips in circles - yе
We have overcome the linguistic barrier
_english
Are you ready to break down the wall?
Crack the bone till it falls.
Let's run around,
Lift off the ground!
_chorus
ENERGIJA ENERGIJA ENERGIJA ENERGIJA
_russian
You have a power-supply in you
Voltage increasing to over 5000 Watts
This energy exchange will reunite
those, who is here with us
Those who follow me - repeat:
_russian
Move your shoulders - ye
Hands & feet - ye
Move yo hips in circles - yе
We have overcome the linguistic barrier
_english
Are you ready to break down the wall?
Crack the bone till it falls.
Let's run around,
Lift off the ground!
_chorus

ENERGIJA ENERGIJA ENERGIJA ENERGIJA
_english

Are you ready to break down the wall?
Let's run around,
Lift off the ground!

[Billy_Mays]

Just now, ElfenSky said:

_german
Do you want more or is your intoxication?
The Russians are there after a day's march,
Let's go along with the energy exchange,
Come on everybody move your ass!
_russian
Move your shoulders - ye
Hands & feet - ye
Move yo hips in circles - yе
We have overcome the linguistic barrier
_english
Are you ready to break down the wall?
Crack the bone till it falls.
Let's run around,
Lift off the ground!
_chorus
ENERGIJA ENERGIJA ENERGIJA ENERGIJA
_russian
You have a power-supply in you
Voltage increasing to over 5000 Watts
This energy exchange will reunite
those, who is here with us
Those who follow me - repeat:
_russian
Move your shoulders - ye
Hands & feet - ye
Move yo hips in circles - yе
We have overcome the linguistic barrier
_english
Are you ready to break down the wall?
Crack the bone till it falls.
Let's run around,
Lift off the ground!
_chorus

ENERGIJA ENERGIJA ENERGIJA ENERGIJA
_english

Are you ready to break down the wall?
Let's run around,
Lift off the ground!

No I was interested by the visuals and lyrics at the same time 

[elfensky]

1 minute ago, Billy_Mays said:

No I was interested by the visuals and lyrics at the same time 

Oh. Well, #russians, there's no explaining that.

[ScratchCat]

3 hours ago, ElfenSky said:

Voltage increasing to over 5000 Watts

 

Physics disagrees;)

[Ithanul]

4 hours ago, Billy_Mays said:

What the hell is that song?

Turbo Polka with a metal flare.

 

Awesome band.  Gave me a good laugh seeing that here.

3 hours ago, mynameisjuan said:

Glad that after the whole XP on the british navy thread and people bashing me because "why would control panels to a nuclear sub be connected to the internet"..."they cant get infected because their IT staff knows more than you ever will"....And yet this article is release shortly after.

 

Ill say it again. People are fucking idiots. Security is only as good as the person using the pc. 

Don't surprise me one bit.  I deal with officers in the military (usually wind up as help desk).  The questions I get on stuff is just mind blowing at times.  Or, they seem to have this bad habit of physically damaging the printers....or, the recent dumb nut who kept hooking an external USB hard drive to a computer (super big, no, no).

 

So, I be not surprise that someone in a power planet clicks a bad link or smacks an USB into a port.  Maybe they need to do what the Army does, super glue the ports.

[Doobeedoo]

Well that's terrible though.