Senators want answers on risk of nuclear power plant hacks
Sen. Ed Markey is one of the lawmakers pressing federal agencies for info on efforts by foreign hackers to access computer networks at U.S. nuclear plants.
Congress has some nuclear concerns when it comes to cybersecurity.
On the heels of reports of foreign hackers trying to access computer networks at U.S. nuclear power plants, Massachusetts Sen. Edward Markey on Monday wrote a letter (PDF) to five federal agencies asking for more information about the attacks.
Specifically, the top Democrat on the International Cybersecurity Policy subcommittee raised concerns with the heads of the Department of Defense, Department of Energy, Department of Homeland Security, Federal Bureau of Investigation and the Nuclear Regulatory Commission about how the US is defending its nuclear power plants from foreign attacks and threats.
Among other information, Markey wants to know the number of nuclear plants that suffered attacks, who coordinates cybersecurity for nuclear power and recommendations for improving security. He has requested answers by Aug. 10.
On Friday, the FBI and DHS reported hackers have been targeting nuclear facilities in the US since May, and that the frequency and intensity have increased over the last two months.
Cybersecurity has become a growing concern as global ransomware and infrastructure shutdowns attacks continue to devastate the world. After the GoldenEye ransomware attack struck Ukraine, workers at the Chernobyl nuclear disaster site had to monitor radiation manually.
Politicians are concerned a similar cyberattack on US nuclear power plants could have disastrous results. Wolf Creek Nuclear Operating Corporation, which manages a power plant in Kansas, was one of the companies targeted by hackers in the attacks, according to the FBI.
The DHS pointed out the attacks were mostly on the business side, and that there were no threats to any operations or public safety. But Markey says there is still potential for future attacks.
“There is no guarantee that malicious code could not migrate to physical control systems through the errant or unauthorized use of removable storage devices,” Markey wrote.
