The US government warned industrial firms about a hacking campaign targeting the nuclear and energy sectors, the latest event to highlight the power industry’s vulnerability to cyberattacks.
Since at least May, hackers used tainted phishing emails to harvest credentials so they could gain access to networks of their targets, according to a joint report from the US Department of Homeland Security and Federal Bureau of Investigation.
The report provided to the industrial firms was reviewed by Reuters on 31 June. While disclosing attacks, and warning that in some cases hackers succeeded in compromising the networks of their targets, it did not identify any specific victims.
“Historically, cyberactors have strategically targeted the energy sector with various goals ranging from cyberespionage to the ability to disrupt energy systems in the event of a hostile conflict,” the report said.
Homeland Security and FBI officials could not be reached for comment on the report, which was dated 28 June.
The report was released during a week of heavy hacking activity.
A virus dubbed NotPetya attacked on 27 June, spreading from initial infections in Ukraine to businesses around the globe. It encrypted data on infected machines, rendering them inoperable and disrupting activity at ports, law firms and factories.