Published on August 23rd, 2019 📆 | 6731 Views ⚑0
How an employee hacked a nuclear power plant to make money
The cryptocurrencies fever has led many interested parties to commit crazy acts in order to make a profit easily and without spending too many resources. Network security experts report that Ukrainian authorities are investigating a potential security breach related to the mining of virtual assets at a nuclear power plant.
The incident occurred at the Yuzhnoukrainsk
nuclear plant in southern Ukraine. Apparently, a group of employees decided to
connect a portion of the plant’s internal networks to the public Internet in
order to use the facility’s computer resources to mine cryptocurrencies.
As a nuclear power plant, whose operations are
considered classified information of the Ukrainian government, the country’s
Secret Service began investigating the incident of security breaches in
For network security experts collaborating with
the Ukrainian government, perpetrators could have used this incident as an
access point to the nuclear plant systems for the purpose of extracting
classified information, such as blueprints, data on their defense mechanisms,
among other confidential details.
It is not yet known how this intrusion was
detected, but it has been revealed that last July the Ukrainian Secret Service
raided the nuclear plant’s facilities and confiscated the computer equipment
from which employees would have operated this mine scheme cryptocurrency. In addition,
reports show that mining was controlled from the plant’s administrative staff
offices, not from the industrial network.
As part of the investigation, the Ukrainian
authorities confiscated two metal boxes filled with computer parts, external
power sources, cooling systems and video cards. At least a dozen employees were
singled out as accomplices to this conspiracy, although so far no single arrest
has been made; authorities have not yet ruled out the possible involvement of
military members of the plant in this scheme.
Network security experts believe that recent
news about the increase in the value of some virtual assets may have influenced
these employees’ plans. In addition, it is a fact that these operations can
prove redeemable, especially if the computer resources of other people’s
computers are used, an attack known as ‘cryptojacking’.
Unfortunately this is not the first time that
employees of a government institution abuse access to the public computing
resources to mine cryptocurrencies. About a year ago, the Russian intelligence
agency arrested a group of engineers from the Russian Nuclear Center after
discovering that they were using the agency’s supercomputer to mine various
A similar incident occurred in Australia, when a group of government employees took advantage of the Office of Meteorology’s IT infrastructure to try to mine Bitcoin. As reported by network security specialists from the International Institute of Cyber Security (IICS), employees connected their own mining platform to the Office’s networks, allowing them to take advantage of a large amount of resources from government computers.