Rebecca Zisser / Axios

Hackers have been penetrating the computer networks of nuclear facilities in the U.S. since May by sending what appear to be legitimate resumes that contain malware and by compromising frequently visited web sites, the Department of Homeland Security and FBI said in a report obtained by the New York Times.

  • The good news: A DHS spokesperson told Axios there's "no indication of a threat to public safety" since the hacks appeared to be isolated in the administrative and business side of the nuclear facilities, not reaching control panels (indeed, one affected facility said no "operations systems" were impacted).
  • The bad news: Stephen Boyer, co-founder of cybersecurity ratings company BitSight, said it's possible code could be sitting dormant to gather intel on how to launch attacks in the future. And if U.S. nuclear facilities are successfully compromised, it could lead to fires, explosions, or spills of dangerous materials. Plus, as an expert on geopolitical issues framed it, other hackers might be watching what the U.S. tries to secure now, which could tip them off to what to target next.

Why this matters: This is a "nightmare scenario," according to Barracuda Networks Vice President Asaf Cidon, since a cyber attack on a nuclear plant could "heavily disrupt a critical infrastructure with a click of a mouse."

Breakdown of the attacks

  • The magnitude: The hackers hit at least a dozen U.S. power plants, per Bloomberg.
  • The hack: One of the hacks used, the resume hack, is pretty old and simple but allows you to "see all the communications on the computer ... and infect other computers," Cidon said.

One key thing

It could be Russia: Energy Secretary Rick Perry said Tuesday the hackers "may be state-sponsored" or just "criminal elements" looking for vulnerabilities. Boyer told Axios the way the government refers to the hackers (advanced persistent threats) is a "code word" for nation-state. According to Bloomberg, the chief suspect is Russia, which is concerning since Russian hackers have successfully knocked out Ukraine's power grid before. But one expert on cybersecurity issues told Axios he didn't agree with this assessment since "it's sloppy in the way it was executed…if it was state-sponsored...the ultimate goal" is to stay under the radar.

How facilities can protect themselves

  • Secure facilities: Cidon said it would cost a nuclear facility, depending on its size, anywhere from tens of thousands of dollars to hundreds of thousands of dollars to secure its network, what he calls "a drop in the bucket" compared to the potential consequences of leaving this critical infrastructure unsecured.
  • Separate business and nuclear operations: Especially for critical infrastructure, keeping networks separate is crucial since it's "really hard to do damage to a nuclear facility until you reach the control system," Boyer said.
  • Be careful of protocol: When Russia hacked Ukraine's electrical grid it did so through employees remotely logging into the grid network. (More on that via Wired.)
  • Be wary of vendors: If they get infected with malware, it could affect the nuclear facility as well.
  • Share info: "One of the best defenses is sharing the information" when you've been hacked, Boyer said, especially when it looks like a coordinated, targeted campaign.
