By Aaron Kesel
MSM ran with a report about “Russians hacking nuclear plants” – there is just one problem, the report they are all citing explicitly states within the first paragraph that there is no evidence of hacking.
The report originating from the Washington Post ran the headline “U.S. officials say Russian government hackers have penetrated energy and nuclear company business networks,” the key problem is it’s absolute pure clickbait fake news that debunks itself as you read.
The report from E & E News has been used by the Post and subsequently every other “news agency” which clearly states within the second sentence: “There is no evidence that the nuclear energy industry’s highly regulated safety systems were compromised.” Despite this, the Post tries to push the narrative that systems may have been “penetrated.”
But the CIA-owned propaganda vehicle doesn’t care about facts and ignored the evidence to run with its fake news headline. Instead, what they allege within the article was power plant “systems dealing with business and administrative tasks” were infected with malware.
In June, around the same time as those two back-to-back ransomware attacks, the FBI and the Department of Homeland Security sent a joint alert to the energy sector stating that “advanced, persistent threat actors” breached a business computer system and had stolen companies’ network passwords.
The report then goes on to state, that the “agencies did not name Russia at all.” Somewhere between the last sentence the author must have gotten drunk and forgotten what they wrote because they go on to blame Russia, then cite anonymous officials without any type of data to back their claims.
“The campaign marks the first time Russian government hackers are known to have wormed their way into the networks of American nuclear power companies, several U.S. and industry officials said,” the Washington Post wrote.
The author then goes on to make more baseless claims:
“The National Security Agency has detected specific activity by the Russian spy agency, the FSB, targeting the energy firms, according to two officials,” WaPo wrote. “The NSA declined to comment. The intrusions have been previously reported but not the attribution to Russia by U.S. officials,” they added.
The report then cites Reuters which WaPo claims first published their big story.
“Since at least May, hackers used tainted ‘phishing’ emails to ‘harvest credentials’ so they could gain access to networks of their targets, according to a joint report from the U.S. Department of Homeland Security and Federal Bureau of Investigation,” Reuters wrote.
Absent from the Reuters report was the accusation that Russia had hacked any nuclear power plants. It’s also important to note that Reuters put a disclaimer within their article, noting they hadn’t validated claims by E & E that safety systems weren’t compromised.
Reuters has not confirmed details of the E&E News report, which said there was no evidence safety systems had been compromised at affected plants.
One of the companies allegedly affected, Wolf Creek nuclear facility in Kansas, was among at least a dozen U.S. power firms breached in the attack, according to Bloomberg.
A representative with the Wolf Creek Nuclear Operating Corp declined the claim to Bloomberg.
“There has been absolutely no operational impact to Wolf Creek. The reason that is true is because the operational computer systems are completely separate from the corporate network,” Jenny Hageman, Wolf Creek, spokeswoman wrote in an email to Bloomberg.
David Lochbaum, a nuclear expert at Union of Concerned Scientists, brought up the key importance to all these reports that exposes it as fake news. Power plant reactors have a bit of an immunity from cyber attacks because their operation systems are separate from the businesses’ own digital networks. Now, is it possible with a USB drive with Stuxnet or a virus like it on it? Absolutely, but you need physical onsite access or to be an intelligence agency with all the money in the world to develop hacking tools.
In simpler terms, a nuclear power plant is not connected to the same network as business computers, and breaching it would be a lot harder than infiltrating a business computer running the Windows operating system.
The kicker in all this is that the base report by Reuters that the Washington Post is citing to prove “Russia penetrated energy and nuclear company business networks,” states again very clearly: “There is no indication of a threat to public safety” because the impact appears limited to administrative and business networks.
Meanwhile, to add even more of a hit of credibility to the Post, a July 1st article contradicts their claims. U.S. trade group Industry Trade vehemently denied the Post claims that any power plants had been “penetrated.”
“None of America’s 99 operating nuclear plants have been penetrated by a cyber attack,” John Keeley, spokesman for industry trade group Nuclear Energy Institute told Reuters.
The sad thing is that this isn’t the first time that such claims have been erroneously thrown around by the Post; last year the Post claimed this same exact story. On December 30th the paper claimed – based on anonymous sources again – that Russians had hacked into the “U.S. electricity grid” through a Vermont utility company.
The story turned out to be bogus and a product of poor journalism (in other words, fake news), so they changed the headline to reflect a warning of a “security threat.” The Post did a number of things wrong. First, the Post neglected to contact the utility company for comment, who later denied the allegations when they were given a chance to speak, noting to the Post that the malware was found on a single laptop that was not connected to the Vermont grid or the broader U.S. electricity grid as they had claimed. Then days later the Post learned that the limited malware was not even connected to Russian hackers; all this forced them to issue a retraction to their previous story.
But the Post’s lack of cyber security knowledge doesn’t end there. In 2011, the Post reported that damage to an Illinois water treatment plant was a cyber attack by foreign hackers. Naturally the Post blamed Russia again for the alleged breach.
Despite the title once again, an elected official DHS spokesman Peter Boogaard cautioned, “At this time there is no credible corroborated data that indicates a risk to critical infrastructure entities or a threat to public safety.”
Maybe it’s a mistake, and the whole Post doesn’t have knowledge of cyber attacks; or is it deliberate false controversial reporting for ratings? We will let you decide. If it’s a mistake, they certainly need to correct their reporting and do a better job. It personally feels unlikely to me that the Post would screw up three different cyber attacks and blame Russia for all of them without evidence. Is this evidence of Mockingbird 2.0 alive and well?
Image Credit: The Daily Dot