Reportedly, the hackers targeted U.S. nuclear facilities, considered one of the most strictly regulated facilities in the U.S. Despite these protections, hackers are however driven to them due to the potential for espionage and other criminal activities.
A Chinese spy balloon over Montana, which is a site of multiple nuclear missile silos, is the most recent alleged spying threat. President Biden has been advised by military advisors to not shoot the balloon down. NBC News was the first to report on the incident.
Brig. Gen. Patrick Ryder, a Pentagon spokesperson says “the U.S. government acted immediately to prevent against the collection of sensitive information, once it spotted the balloon.”
According to Ryder, the U.S. government has seen a similar pattern of behavior for "several years." Similar balloons had previously been spotted over Hawaii and Guam, which are home to U.S. military facilities, says a U.S. intelligence official.
On Thursday, Leaders from two House committees requested the Energy Department to provide them with documents pertaining to cyberattacks by alleged Russian threat actors targeting U.S. national nuclear laboratories.
According to a Reuters article from last month, James Pearson and Chris Bing, Russian hackers known as Cold River targeted nuclear scientists at Brookhaven, Argonne, and Lawrence Livermore laboratories last summer.
“Although it is unclear whether the attempted intrusions were successful, it is alarming that a hostile foreign adversary targeted government labs working on scientific research critical to the national security and competitiveness of the United States,” Reps. James Comer (R-Ky.), chair of the Oversight and Accountability panel, and Frank D. Lucas (R-Okla.), chair of the Science, Space, and Technology Committee, wrote in a letter seeking communications between agencies, labs, and contractors[…] "Hackers who got into the U.S. nuclear command and control system could, theoretically, “trigger a false alarm, making us think that Russian nuclear weapons were on their way”
The report indicated the president to take a decision on whether to launch a strike in counter, says former White House cybersecurity adviser Richard Clarke in a video for the nonprofit Nuclear Threat Initiative last year.
State of Defense by the U.S. Government
The Biden administration has been attempting to impose minimal security requirements on other industries, but the nuclear industry is already among the most regulated, along with the financial services sector and defense contractors. In a recent interview, a White House representative who requested anonymity to speak more openly about the subject said that the NRC “has really strict rules.”
The NRC initially installed cybersecurity protocols in place in the early 2000s. Under the existing regulations, nuclear power plant operators were required to submit security plans to the agency for approval. This summer, more cybersecurity guidelines for fuel cycle facilities are anticipated from the NRC. Less regulation impacts the security of American nuclear weapons than the NSA's ability to safeguard them.
According to a 2019 study by the agency's inspector general, the NRC is required to change its approaches to cybersecurity inspections at nuclear plants in order to emphasize more on monitoring performance. The report also stated that “the inspection program faces future staffing challenges because demographic and resource constraints work against optimal staffing.”
The NNSA “and its contractors have not fully implemented six foundational cybersecurity risk practices in its traditional IT environment,” according to a report from the Government Accountability Office from last year. The nuclear weapons IT environments and NNSA's operational technology environments "have not fully implemented these practices,” it stated.