Hackers have made their way into the systems of American nuclear power plants with methods including malware hidden in fake resumes sent to engineers who control critical systems, federal authorities warn in a report seen by the New York Times. The report from the FBI and the Department of Homeland Security says hackers have been targeting power plants and have hit at least a dozen facilities, including the Wolf Creek nuclear power plant in Kansas. Sources tell Bloomberg that the hackers appear to be searching for ways to disrupt America's electrical grid—and the chief suspect is Russia, where hackers are believed to have taken down part of Ukraine's power system.
Officials at Wolf Creek declined to comment on details of the cyberattacks, though they stressed that it was their corporate network that was attacked, not the one that runs the plant. Wired reports that there is no sign the hackers got anywhere near the networks that control the plants, meaning the attacks, while worrying, don't appear to be a cause for panic. "These were business networks, not computer systems anywhere near the operational systems," says Robert M. Lee, founder of cybersecurity firm Dragos. "On the one hand it’s concerning. On the other it’s really far from anything near the industrial control systems." (In New Jersey, a false nuclear warning was issued in May.)