
Hackers Are Targeting Nuclear Facilities, Homeland Security Dept. And F.B.I. Say - danijelb
https://www.nytimes.com/2017/07/06/technology/nuclear-plant-hack-report.html
======
Animats
I'm worried. I've been following the Maersk outage. The world's biggest
shipping line still hasn't fully recovered. Their less automated ports were
down for several days. LA and NJ finally came back up about two days ago, but
operations are still partially manual and they're running longer hours trying
to cope.

Their most automated port, Maasvlakte II in Rotterdam, is still processing
imports only; no exports. Some containers there are stuck in the stacks; they
have a list of which containers can be reached. They're requiring paper
customs forms and a paper commercial release, instead of their usual paperless
system. Earlier, they were so down that the automated cranes could not unload
ships. This is what Maasvlakte II looks like in normal operation. There are no
people on the quay at all. All those cranes and AGVs are automated.[1]

Maersk's financial side is still down. They're not sending out invoices, which
means zero revenue. They just announced a price cut, to keep shippers. Some of
their phone and email systems are still down. The booking side is now up, so
they can take new shipping orders.

This is the first time we've seen real-world outages of this magnitude. It may
not be the last.

(Where's the Flexport guy who posts on here? He has to deal with all these
problems. Flexport is a freight forwarder, which means that when something
goes wrong with freight they are forwarding, it's their problem to fix it.)

[1]
[https://www.youtube.com/watch?v=zm_rlLyelQo](https://www.youtube.com/watch?v=zm_rlLyelQo)

~~~
flukus
How is this not bigger news? I assumed the lack of coverage meant that
everything was back to normal.

Had this been several of the big shipping companies at once the world would be
reeling by now, especially economically.

~~~
mbrock
"I assumed the lack of coverage meant that everything was back to normal."

Incidentally, that seems like a pretty fundamental issue with news in general.

~~~
flukus
You're right. A big thing in the news around here lately has been one punch
kills. I have no idea if it was always a thing and not reported as such or if
we've somehow become softer.

------
protomyth
_Since May, hackers have been penetrating the computer networks of companies
that operate nuclear power stations and other energy facilities, as well as
manufacturing plants in the United States and other countries._

_Wolf Creek officials said that while they could not comment on cyberattacks
or security issues, no “operations systems” had been affected and that their
corporate network and the internet were separate from the network that runs
the plant._

Good, I'm glad they are not insane, but I also hope they have pretty stringent
rules to keep personnel from plugging in unverified devices. Stuxnet should be
a lesson to all.

~~~
dreamcompiler
They're not insane; they're just lying. 15 years ago it was believable that
control networks were airgapped from the Internet. But today, the likelihood
that some low-level tech has plugged a wifi router into the control network
for his own convenience approaches 100%.

~~~
mirkules
If you did that in my previous company, you would get a visit from IT and a
good tongue-lashing from your manager within 15 minutes of doing that. As a
20-something, it seemed like an overreaction. As a 30-something, it seems
perfectly reasonable.

~~~
walshemj
At a CNI site like a nuke plant you will get the interview without tea and
biscuits, lose your job and security clearance.

------
packetized
This might be the most top-heavy title I've ever read, given the economy of
words. "Hackers Are Targeting Nuclear Facilities, Say Homeland Security Dept.
and F.B.I." would be much more balanced - or am I just off my rocker?

~~~
nthcolumn
Indubitably any facility of sufficient complexity or strategic value will draw
more or less continuous unwanted attention from foreign state actors.
'Targeted by hackers' could include port scans and phishing attempts. What
with the recent, perhaps only perceived, upsurge in activity it is hard to
know whether this is complete bunk, nsa-script-kiddie open season or something
even more sinister. It is sad that the agencies in question no longer enjoy
the level of trust by the public they once had.

------
narrator
Whenever I see (nytimes.com) after a URL I know that there's some big long
bill that's been sitting in a drawer somewhere that's going to suddenly get
pulled out of that drawer and will be voted on next week and this is just
setting the stage for it.

~~~
BoiledCabbage
You're implying that most articles on nytimes are written to preemptively lay
support for future bills? That seems like a pretty strong statement that'd
need at least a hint of evidence with it.

Has this been a pattern? Do you have examples? Are there stories that the
nytimes covers that other papers don't cover that suddenly become bills? What
inspired this?

Your post comes across as a lot of innuendo without providing any support...
at all.

~~~
beachbum8029
Go to bed, ny times reporter.

------
notspanishflu
Rubén Santamarta is going to talk about vulnerabilities that affect widely
deployed radiation monitoring devices in nuclear facilities.

"The purpose of this talk is to provide a comprehensive description of the
technical details and approach used to discover multiple vulnerabilities that
affect widely deployed radiation monitoring devices, involving software and
firmware reverse engineering, RF analysis, and hardware hacking."

That will be July 26 at Black Hat USA 2017.

Go Nuclear: Breaking Radiation Monitoring Devices
[https://www.blackhat.com/us-17/briefings/schedule/index.html...](https://www.blackhat.com/us-17/briefings/schedule/index.html#go-nuclear-breaking-radiation-monitoring-devices-6829)

~~~
dmix
If this was the 50s or 60s the government would never allow a talk like this
to happen. Anything to do with nuclear was kept as a black art. Fortunately
that paranoia has lifted so we can have safer systems.

------
IIAOPSW
I'm skeptical that there's a real threat to nuclear facilities. I've visited
reactors before and seen first hand that the control rooms are all still based
on analog components. The reason for the analog components is precisely
because they are reliable and unhackable. When it comes to physical security,
I can't think of a harder place to break into than a nuclear power station.
You're not going to sneak in that's for sure. This reeks of manufactured
consent. Are you afraid of hackers yet?

~~~
kuschku
> You're not going to sneak in that's for sure.

Wasn't one of the IS terrorists of Paris employed in Belgium at a nuclear
powerplant?

~~~
IIAOPSW
I literally do not know anything about this. Didn't even know Belgium had a
nuclear power plant. Source please?

I can't speak for Europe, but I know in America even if you worked at the
place you're not pulling off an attack. You're not going to sneak a gun past
the check point. If you do somehow sneak in a gun or a knife, you're not going
to live very long before the guards kill you. You're not going to get into
someplace where your keycard/job status doesn't let you. Overall the most
likely outcome is you trigger an unscheduled reactor shutdown and throw your
life away. I can't imagine anyone making a 6 figure reactor job salary
throwing their life away. Money > religion.

~~~
kuschku
Apparently he left the powerplant and went to Syria to do jihad there, but
still: [http://www.brusselstimes.com/belgium/1154/belgian-jihadist-f...](http://www.brusselstimes.com/belgium/1154/belgian-jihadist-former-worker-at-doel-nuclear-plant-dies-in-syria)

~~~
bb611
He had a clearance through a contractor to inspect welds:
[https://www.washingtonpost.com/world/europe/brussels-attacks...](https://www.washingtonpost.com/world/europe/brussels-attacks-stoke-fears-about-security-of-belgian-nuclear-facilities/2016/03/25/7e370148-f295-11e5-a61f-e9c95c06edca_story.html?utm_term=.c412eca26c11)

I don't know the specifics of this particular plant's security procedures, but
it's unlikely he was in a position to do any significant damage to the plant,
and his clearance process was likely much less involved than would be for
someone who is in a position to do real damage.

------
strictfp
Government warfare is really the worst thing that has ever happened to the
internet. I wish they would leave this old-fashioned territorial thinking to
rot in the material world.

~~~
skepticaldrunk
I hate to be that guy, but you know that the internet as we know and love it
today started out as ARPAnet, right? The internet was domesticated, not
weaponized.

------
oldandtired
As long as the systems controlling infrastructure (of any kind) are network
accessible, they are internet accessible. Hence, they will be attacked.

Convenience always works to the attacker's gain, and convenience is the name of
the game for engineers and managers and support staff. Unless the system is
physically isolated and protected and there is no kind of networking
available, it is effectively crackable. Even if physically isolated, staff can
still be bought.

------
watertorock
I'd imagine every piece of infrastructure is targeted that can be.

What's going to be done about it is the real question.

~~~
nthcolumn
True but a wind farm taken over by hackers is still just a wind farm not a
thermonuclear weapon.

~~~
DennisP
A nuclear plant taken over by hackers isn't a thermonuclear weapon either.

~~~
emiliobumachar
The implication is that, once it's taken over, the hackers could intentionally
trigger a Chernobyl-scale spill.

Not quite as bad as a nuclear weapon detonated in a big city, but still very
bad.

~~~
DennisP
It's unlikely that hackers could manage even a Chernobyl-scale problem on a
modern nuclear plant. Chernobyl had several horrendous flaws. For one, it had
a positive feedback: as the fuel got hotter, the reaction sped up. With modern
plants the opposite occurs.

Also Chernobyl had no containment dome.

Even the old GenII designs in the U.S. have much better inherent safety than
Chernobyl had. There's no way to hack away physical barriers. Even TMI, our
worst accident ever with a full meltdown, did not breach the containment
barriers.

And of course with any commercial plant, there's absolutely zero chance of an
actual nuclear detonation, much less a thermonuclear one as mentioned in the
comment above. The fuel just isn't enriched enough to work as a bomb.

------
thehardsphere
Aren't hackers always targeting Homeland Security and nuclear facilities?
Hasn't this been the plot of 24 for over a decade now?

~~~
daxorid
Yes, but it becomes a much higher media priority when the entire intelligence
community begins to agitate for WW3 with Russia.

I knew before clicking that there would be a baseless nod to *Bear attribution
in this article, and it certainly didn't disappoint.

~~~
tree_of_item
What makes you think they are "agitating" for WW3 and not simply responding to
actual aggression by Russia?

~~~
CodeWriter23
Because the US has clearly stated it wants Assad out of Syria, and Russia has
clearly stated it wants Assad to remain. And nobody gets away with telling the
US how it's going to be when it comes to oil supply.

~~~
knowaveragejoe
Is the implication that oil supply has much to do with Syria? I understand
Russian natgas companies have some pipelines that traverse the country into
Turkey and their eventual customers and Europe, but I'm failing to see what
that has to do with oil and the US. The US gets most of its oil from Canada.

~~~
CodeWriter23
Looks like the US gets most of its oil from home. 62.1%

[https://www.google.com/amp/s/www.forbes.com/sites/rrapier/20...](https://www.google.com/amp/s/www.forbes.com/sites/rrapier/2016/04/11/where-america-gets-its-oil-the-top-10-suppliers-of-u-s-oil-imports/amp/)

~~~
DickingAround
Yes, it would be more apt to just admit the feds consider that their
playground and don't want someone else playing there. (probably the US fed
people doing it want 'democracy' and the Russia people doing it want
'stability' but the exact ideology is unimportant since neither is really
acting in accordance with that ideology so much as just stirring the pot)

------
coldtea
Sorry, why are "Nuclear Facilities" on the internet in the first place? Or the
FBI for that matter...

If they mean they are targeting some public facing BS server for some website
they keep, OK, who cares...

But anything functional and touching controls should be very well out of
bounds...

------
crb002
I translate that into contractors aren't required to warranty their embedded
components. Rewrite the contracts.

------
astrodust
The US administration is under the impression that they can wage a
conventional war against an adversary like North Korea, yet this is the same
nation-state actor that is claimed to have hacked into Sony.

If North Korea is attacked militarily expect hell to be unleashed online. What
we've seen is just experiments, not actual attacks. A full-out war could be
vastly more damaging.

~~~
thehardsphere
Please. "Hell online" is going to be trivial compared to the thousands who
will die in the first hours of the conventional artillery shelling of Seoul.
Let's not pretend that some leaked emails are in any way going to be as bad as
that.

And frankly, hacking into Sony is not that hard to do.

~~~
astrodust
I honestly don't know what's worse. Shelling Seoul, which will be bad don't
get me wrong, or killing the power grid and water systems of entire countries.
The latter could utterly cripple logistical systems and lead to a total
meltdown of society if there was enough panic brewing. If there's shelling you can
evacuate the city, you can head out of range of the guns. There's nowhere to
hide from electronic warfare if your entire society depends on power, fuel and
computers.

This isn't about leaked emails or advance copies of movies, it's about
attacking and permanently damaging large portions of infrastructure. If you
can fiddle with a power plant you can destroy generators, transformers, and
other extremely expensive equipment that could take months to source, fabricate,
transport and replace under ideal conditions. They don't have a warehouse full
of spare turbines just sitting around.

Stuxnet showed what can happen if you pin-point target a particular system. If
you broaden the scope of your targets, if you don't care about collateral
damage, the stakes are very, very high.

Hacking into Sony wasn't hard and I have a sneaking suspicion that most
infrastructure control systems are as bad or worse.

The black-out in eastern North America in 2003 shows how suddenly things can
change if the grid goes down. That only lasted a day and yet the economic
destruction was significant. Imagine if not only were the power plants
offline, but they were crippled in such a way they couldn't come back without
serious repairs. _That_ is a possibility here. Months without power, without
water.

~~~
zxcmx
Shelling Seoul is worse.

Just ask yourself which would be worse for you, say, a week or even a month
without power or a rain of explosives randomly demolishing buildings in your
city.

We can get stuff working one way or the other without networked computers but
there is no reasoning with shells.

~~~
adrianN
Shelling affects one city, whereas destroying the power grid can affect a
whole country.

~~~
thehardsphere
Shelling a major metropolitan area will kill _thousands_ of people within
_hours_. The power grid going down doesn't typically kill very many people
unless it is down for a long time.

~~~
bluGill
It won't be MY city they are shelling, they cannot reach my city with their
guns. Even if they could we are low down on the list of targets. However they
can reach my city in a broad bring down all water systems attack. I suspect
there are only a couple vendors of water control systems so if there is a hole
in one vendor's water control system they will attack everyone at once. Tiny
towns with < 500 people will be hit, and I don't know if my town is one or
not. (actually tiny towns are probably easier to target, large cities probably
have a mix of systems so they are more likely to get by with a general
everyone conserve water message, while the small towns are down completely.)

~~~
astrodust
Many municipalities have sold off large chunks of their infrastructure to
private companies that are always more concerned with profit than expenses
like "security".

It stands to reason that the smaller towns will be hit the hardest since
they're the least prepared for electronic warfare. Their IT department is
going to be the same guy that tests the water and removes dead animals from
the reservoir.

------
dsfyu404ed
Maybe I won't have to wait for sea level rise to wipe my hometown off the face
of the earth, some jerk in Russia will pop the nuclear plant that's up-wind
and it'll be uninhabitable.

------
dilemma
Of course they are. They hate your freedom.

So long and thanks for the propaganda, NYT.

~~~
jpitz
There must be subtext here that I don't understand.

~~~
fatbird
The NYT was one of the chief cheerleaders for the Iraq War, both through
Judith Miller being an outright mouthpiece for Bush administration propaganda,
and more generally through being a friendly media outlet of "balanced"
thinkpieces that set the stage for popular support for a
non-declaration-of-war (the AUMF) that allowed Bush to invade Iraq based on some nebulous threat
of a WMD attack in the U.S. that was never real.

~~~
3131s
They also had an editorial policy of not referring to any action committed by
US forces as "torture" until 2014.

------
ams6110
Most US nuclear plants were built in the 1970s. How much "computer networking"
do they really have?

~~~
topspin
Every nuclear power plant in the US has an NRC mandated Safety Parameter
Display System. These were retrofitted after the TMI-2 meltdown. The SPDS is
supposed to provide a concise view of critical parameters to avoid the sort of
confusion that led to the TMI-2 incident.

In 2003 Davis-Besse had its SPDS disabled by SQL Slammer, a worm that
congested the network on the site. So in answer to your question, yes these
1970s plants do indeed have devices interconnected in the contemporary manner,
and compromises of these networks have already produced reportable events.

The core components of our power reactors are not at the mercy of software;
operators have authority over reactor protection systems that are deliberately
independent of complex digital controls. Nevertheless, a clever attacker could
probably engineer enough confusion or interfere with ancillary systems badly
enough to produce a notable incident such as a SCRAM. That would certainly
make headlines and lead to a prolonged investigation.

Is it possible that greater damage could be done? Anything is possible. If so
I'd imagine it might involve cooling pools, their circulation and alarms...
who knows. Given enough time, knowledge and planning it might be possible to
cause a serious problem.

~~~
tbihl
If a power plant scrams, how long is the subsequent startup? Do they have any
sort of fast recovery procedure?

~~~
topspin
"how long is the subsequent startup?"

It depends. Fission is complex. Factors include reactor design, fuel age,
xenon accumulation, which parts of the RPS tripped, whatever axles the
resident NRC inspector(s) wrap themselves around... those are a few I can think
of as a layman.

"Do they have any sort of fast recovery procedure?"

While operators do strive to minimize outage there is no general "fast
recovery" procedure. There is a startup procedure and that's what you follow.
If everything is optimal then 12-ish hours to begin the restart, several hours
thereafter to become critical, then a relatively slow process of pulling rods
until full power is achieved. "Hot xenon" startups are something you study and
practice in a simulator.

The military has other prerogatives and naval reactors see rapid and frequent
transients. Naval reactors are built (at great expense) to do this. They're
also smaller than civilian power reactors; a 165 MWe naval reactor being
thought "large" whereas a 600 MWe civilian power reactor is on the small side.

