Computer hackers are focusing on companies that run nuclear power facilities, The New York Times reported this week. Among the targets: the company that runs the Wolf Creek power plant near Burlington, Kan.
The extent of the hack, executed in May, is unclear. It doesn’t appear the hackers were able to penetrate the plant’s operating systems — the attack was launched against corporate computers.
“The plant continues to operate safely,” a company spokeswoman told The Star Friday.
The intrusion is deeply worrisome all the same.
It is now clear that the nation’s digital infrastructure is under relentless, dangerous assault. Hackers have pursued personal credit information, costing companies billions of dollars while terrifying customers. Voter registration information was improperly accessed online.
Malicious software invades home and business computers on a daily basis. So-called ransomware is surreptitiously installed on the computers of unsuspecting users, locking their files until a payment is made.
All of these incidents and others like them are survivable annoyances. But they’re a warning sign the government must work harder to prevent dangerous digital intrusions.
That’s especially true for installations such as a nuclear power plant. The Wolf Creek facility, in operation since 1985, provides electricity for hundreds of thousands of homes and businesses in Kansas and Missouri.
That service could be jeopardized by a cyberattack.
“Imagine the U.S. is shrouded in darkness,” security expert Bret Brasso wrote last year. “Transportation systems have failed, commerce has ground to a halt, thousands have died and unrest is breaking out as public services fail. It all started with hackers — backed by a hostile nation — shutting down the U.S. power grid.”
Yet energy and nuclear installations are a frequent target of hackers.
The Trump administration has asked for additional funds to defend against cyberattacks, but that may not be enough. The government wants to spend $236 million next year on “proactive cyber protection” — a drop in the bucket compared with other federal spending on national defense.
The full Department of Homeland Security budget for cyber-related programs is $3 billion.
In truth, the threat from cyber intrusions may be greater than that from conventional weaponry. The Times story suggests the Wolf Creek attack may be linked to Russia, and China is known to have repeatedly probed our digital defenses, looking for vulnerabilities.
Any state-sponsored hacking into critical infrastructure in the U.S. is outrageous and unacceptable.
Private industry should not be let off the hook. Wolf Creek’s operating company must do what it can to ensure hackers can’t intrude on critical operating and safety systems.
And Washington must do more to protect Wolf Creek and other nuclear power plants from dangerous intrusions. The recent incident is another warning — one that should spur intensified efforts to prevent future attacks.