TORONTO The U.S government this week warned American industrial firms about hacking activity targeting the nuclear and energy sectors, a security report seen by Reuters on Friday said, the latest event to highlight the power industry’s vulnerability to cyber attacks.
Since at least May, hackers used tainted “phishing” emails to “harvest credentials” so they could gain access to networks of their targets, the joint report from the U.S. Department of Homeland Security and Federal Bureau of Investigation said.
The report said that in some cases hackers succeeded in compromising the networks of their targets, though it did not identify specific victims of the campaign.
“Historically, cyber actors have strategically targeted the energy sector with various goals ranging from cyber espionage to the ability to disrupt energy systems in the event of a hostile conflict,” the report said.
Homeland Security and FBI officials could not be reached for comment on the report, which was dated June 28.
Energy firms have become increasingly concerned about the threat from hackers following cyber attacks that cut power in Ukraine in 2015 and 2016.
The energy-industry news site E&E News reported on Tuesday that U.S. investigators were looking into cyber intrusions this year at multiple nuclear power generators,
Reuters has not confirmed details of that report, which said that there was no evidence safety systems had been compromised at the affected plants.
It was not immediately clear whether those incidents were related to the hacking activity described by the FBI and Homeland Security.
The report provided technical details to help firms identify whether they had been compromised and information on how to defend against the hacking campaign.
(Reporting by Jim Finkle in Toronto; editing by Grant McCool)