'Hacking' Of US Nuclear Facilities Appears To Be Little More Than The Sort Of Spying The US Approves Of

from the spies-like-us dept

Earlier this week, the New York Times raised the alarm — and vivid Stuxnet imagery — about hackers targeting US nuclear facilities. The DHS raised its own alarm — one with a specific color — about the same hacking attempts.

Among the companies targeted was the Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kan., according to security consultants and an urgent joint report issued by the Department of Homeland Security and the Federal Bureau of Investigation last week.

The joint report was obtained by The New York Times and confirmed by security specialists who have been responding to the attacks. It carried an urgent amber warning, the second-highest rating for the sensitivity of the threat.

Later in the article, the New York Times brings up Stuxnet, despite undermining such speculative comparisons in earlier paragraphs. According to the documents the Times saw, hackers don’t appear to be attempting to control the facilities.

The report did not indicate whether the cyberattacks were an attempt at espionage — such as stealing industrial secrets — or part of a plan to cause destruction. There is no indication that hackers were able to jump from their victims’ computers into the control systems of the facilities, nor is it clear how many facilities were breached.

Wolf Creek officials said nothing sensitive had been breached and the evidence trail suggests something not nearly as concerted as an “attack.” Instead, it appears the breaches have been the result of watering holes and spearfishing, not a concentrated assault on nuclear plant control systems. It’s not that there’s nothing to be worried about, but that there’s nothing to be worried about on an “amber” level, to use the DHS’s own color-coded Map of Worries.

The DHS’s amber alert is mostly baseless… according to the DHS itself.

In a joint statement with the F.B.I., a spokesman for the Department of Homeland Security said, “There is no indication of a threat to public safety, as any potential impact appears to be limited to administrative and business networks.”

One paragraph after that, an official at the agency all 99 US nuclear facilities report to said no facility had reported any breaches of operational systems.

So, there’s apparently some “targeting,” but nothing aimed at operational systems and certainly no Stuxnet-equivalent roaming around plants in search of a nuclear catastrophe. Instead, these “attacks” appear to be something the US considers to be perfectly acceptable hacking… at least when we do it. Here’s Marcy Wheeler on what the hacking revelations actually reveal:

There is spying — the collection of information on accepted targets. And there is sabotage — the disruption of critical processes for malicious ends.

This is spying, what our own cyber doctrine calls “Cyber Collection.”

Cyber Collection: Operations and related programs or activities conducted by or on behalf of the United States Government, in or through cyberspace, for the primary purpose of collecting intelligence – including information that can be used for future operations – from computers, information or communications systems, or networks with the intent to remain undetected. Cyber collection entails accessing a computer, information system, or network without authorization from the owner or operator of that computer, information system, or network or from a party to a communication or by exceeding authorized access. Cyber collection includes those activities essential and inherent to enabling cyber collection, such as inhibiting detection or attribution, even if they create cyber effects. ( C/NF)

This isn’t to say the US shouldn’t be engaged in these activities. This isn’t to say the US should be completely OK with other countries doing the same thing. What does need to be said is the US government needs to be completely clear about what it has observed, rather than raise alerts about cyber attacks that portray intelligence gathering by foreign operatives as attacks on crucial (and potentially dangerous) systems.

That doesn’t mean Russian spying on how our nuclear facilities work is not without risk. It does carry risks that they are collecting the information so they can one day sabotage our facilities.

But if we want to continue spying on North Korea’s or Iran’s nuclear program, we would do well to remember that we consider spying on nuclear facilities — even by targeting the engineers that run them — squarely within the bounds of acceptable international spying. By all means we should try to thwart this presumed Russian spying. But we should not suggest — as the NYT seems to be doing — that this amounts to sabotage, to the kinds of things we did with StuxNet, because doing so is likely to lead to very dangerous escalation.

This is where the DHS fell down in its “sharing” of internal documents with the New York Times. No one bothered to correct the Times when it went off on a Stuxnet tangent. This could give some government officials the wrong idea about what’s happening — both here and in foreign nations. There are many people in power who get much of their information from the press. This leads to bad bills being hurriedly crafted and public calls to action based on hearsay from a document someone else viewed. And that’s just here in the US.

On top of that, there’s how we behave and how we expect others to behave. We’re going to do this sort of thing. So are our adversaries. Both sides will continue to play defense. But going from 0-to-Stuxnet in the DHS’s Ambermobile isn’t a great idea. And it allows US officials to further distance themselves from actions we condone as part of our national security efforts.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “'Hacking' Of US Nuclear Facilities Appears To Be Little More Than The Sort Of Spying The US Approves Of”

Subscribe: RSS Leave a comment
That Anonymous Coward (profile) says:

The drama dial turned up to 11 all the time.

So what if we started the cyber games, they are doing it back and we can’t have that!!!
We handed out all of our best hacks to the world, and PEOPLE ARE USING THEM AGAINST US! Don’t these hacks love their parents!?

Perhaps before poking the giant hornets nest world wide, we should have made sure our windows were closed to keep them from flying in and stinging us.

Top men & our best minds….
Worried yet?

Anonymous Coward says:

Why is it that politicians, who pride themselves on being the most adult and reasonable people (Most don’t agree), write everything to do with IT and the Internet on about the same level as my dad trying to be hip when I had friends over as a teenager. All the “Cyber-this and Cyber-that” is so cringe-worthy and the language removes much of the supposed seriousness and any indication that these people even know what they are discussing.
Maybe I am just picky because IT is my living, but to me it sounds like a text about animal welfare where they kept referring to all the “doggies” and “horsies”.

Anonymous Coward says:

The child responses are quite amusing because the word “cyber” rings the same bell with me. Why do politicians love this cartoonish, stupid sounding word so much? And why does Techdirt play along with there stupidity. (And why does Techdirt have a squiggly red line under it on it’s own site for correction? lol)

Richard M (profile) says:

Par for the course hypocrisy

It is not just “Cyber” that gets all the holier than thou hypocrisy. All the hair pulling about the election “hacking” where everyone is completely losing their minds.

The US interferes in the politics of other countries more than any other Govt on the planet. Not only do we interfere with elections we actually have a long history of helping to overthrow democratically elected leaders if we do not like their policies.

If we are going to do it to other countries do not be surprised when they do it us.

Wendy Cockcroft (user link) says:

Re: Re: Par for the course hypocrisy

Indeed. And as it happens the extent of partisanship that polarises political discourse in your country acted as a filter to ensure that any actual damage from leaking dodgy emails was limited; Dems didn’t care enough to change their votes. I’m still waiting for an answer as to why, after Hillary won the popular vote, the Electoral College handed the country over to Trump. Nobody appears to be investigating that. What shall we call this? The Red Scare herring?

I say people voted Trump because they wanted change. Okay, they’ve got change. How are they liking all that lovely change?

The Wanderer (profile) says:

Re: Re: Re: Par for the course hypocrisy

Nobody’s investigating that because people know exactly how it happened: Trump won small margins in many states, and Clinton won large margins in a few states, and Trump’s many states had more combined electoral votes than Clinton’s few states.

It’s related to the same way gerrymandering works: pack the people who oppose you into a small number of districts, so that although their candidates in those districts win by huge majorities, their candidates in the majority of districts lose. Electoral-college allocation isn’t rigged in quite the same way as the usual gerrymandering process (for one thing, the district boundaries are the state boundaries, which aren’t really redraw-able in the same way), but the underlying mechanism still works.

IIRC, if three particular states with relatively tiny margins had gone for Clinton rather than Trump, that would have shifted enough electoral votes to the opposite column we’d have had another President Clinton this year. I don’t remember which states that is, however, and it’s possible I’m remembering it wrong.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...