Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Bitcoin Security Technology

Employees Connect Nuclear Plant To the Internet So They Can Mine Cryptocurrency 29

Ukrainian authorities are investigating a potential security breach at a local nuclear power plant after employees connected parts of its internal network to the internet so they could mine cryptocurrency. From a report: The investigation is being led by the Ukrainian Secret Service (SBU), who is looking at the incident as a potential breach of state secrets due to the classification of nuclear power plants as critical infrastructure. Investigators are examining if attackers might have used the mining rigs as a pivot point to enter the nuclear power plant's network and retrieve information from its systems, such as data about the plant's physical defenses and protections. According to authorities, the incident took place in July at the South Ukraine Nuclear Power Plant, located near the city of Yuzhnoukrainsk, in southern Ukraine. It's unknown how the scheme was discovered, but on July 10 the SBU raided the nuclear power plant, from where it seized computers and equipment specifically built for mining cryptocurrency.
This discussion has been archived. No new comments can be posted.

Employees Connect Nuclear Plant To the Internet So They Can Mine Cryptocurrency

Comments Filter:
  • by the_skywise ( 189793 ) on Friday August 23, 2019 @04:33PM (#59118540)
    Why are the computer controlled cooling rods moving so slow?
  • Oh My Freakin' God.......cuff 'em and stuff 'em out to the gulag...

    • No! Don't! Chernobyl was a great show, and I want a sequel.

    • Well, considering that they connected to the internet with the BUSINESS NETWORK, which does connect to the internet, this is a non story with a complete BS headline. No plant systems were connected to the internet or used for cryptocurrency. .

      Business networks connect to the internet ... because that is pretty much essential to do business. More stupidity from the press.
      • Re: (Score:2, Insightful)

        by rtb61 ( 674572 )

        Internal network versus external network. That means actual changes to hardware, rewiring and well, a fuck everyone attitude thar is monies to be made and energy to be pirated. They compromised the security of a nuclear power station, do you really understand how mind bogglingly corruptly stupid that is, seriously fucking stupid. At least they caught it, clearly they had not paid the proper bribes and were being prosecuted or forced to pay the appropriate bribes.

        For the rest of the EU, that this crazy crap

        • Re:Four words..... (Score:5, Insightful)

          by Mr D from 63 ( 3395377 ) on Saturday August 24, 2019 @06:48AM (#59120342)
          Congratulations, you were sufficiently misled by the headline. You should read the actual article.

          Let me spell it out simply; All energy companies, like any other large company, have administrative networks they use to do business. Those networks are avaiable to people who work at nuclear facilities like any other facility. Those networks are connected to the internet. The plant control networks are completely different, separete networks.

          These employee connected some mining hardware to the administrative network, not the plant network. They compromised the corporate business network, not plant operational networks. Furthermore, the admin network was, is, and will continue to be connected to the internet. That is why they used it. It would be zero difference if they had connected that equipment at the corporate headquarters.

          The only 're=wiring' that was required was to plug in a new ether net patch cable to the network. Possibly, if this were corporate IT folks, they may have given credentials to that equipment to allow it to connect. Regular employees rarely have the ability to do so. Or the network wasn't properly set up to not allow such stuff to connect. Either way, its a corporate LAN vulnerability, not a plant one.
    • Gulag is now in Russia - I doubt that Moscow would be willing to cooperate w/ Kyiv on sending their felons there.

      On a different note, why not just have a server farm dedicated to crypto-currency built at Chernobyl? It's not like anything else is going on there

  • This is wayyyy worse: It is complete incompetence in hiring and payment. I shudder to think what this incompetence would do in a real emergency.

  • A) Don't do that.
    B) I hope the police -- Ukrainian Secret Service (SBU) -- also included someone authoritative to say, "This computer belongs here, that one doesn't", and not to just start taking evidence (computers) willy-nilly.
    C) Would YOU want radioactive currency? I wouldn't.
  • by battingly ( 5065477 ) on Friday August 23, 2019 @07:17PM (#59119154)
    Incidents like this could give Ukranian nuclear power a bad name.
    • In Ukraine bitcoin mines you.
    • by AHuxley ( 892839 )
      Its free power, the part of cyber currency math that takes away from profit.
      Get free power and the math adds up.
      More math and that first profit.
      Put money back into the venture and buy a better DIY rig.
      That train trip to the big city to get FPGA vs super powerful ASIC advice.
      The knowing look for the computer shop that someone has free power.
      Rods go up, rods go down, Ukranian nuclear power always free.
  • by account_deleted ( 4530225 ) on Friday August 23, 2019 @07:36PM (#59119202)
    Comment removed based on user account deletion
  • by johannesg ( 664142 ) on Saturday August 24, 2019 @03:22AM (#59120092)

    This equipment was found in the power plant's administration offices, and not on its industrial network.

    But that won't stop slashdot from posting yet another scare story about nuclear power, of course.

    • Exactly. The corporate administrative LAN was, is, and will continue to be connected to the internet, as everyone would expect. They headline is clearly absolutely false.
  • by Solandri ( 704621 ) on Saturday August 24, 2019 @04:45AM (#59120186)
    From TFA:

    This equipment was found in the power plant's administration offices, and not on its industrial network.

    Confiscated equipment included two metal cases containing basic computer parts, but with additional power supplies, coolers, and video cards. According to court documents [1, 2], one case held six Radeon RX 470 GPU video cards, and the second five.

    Further, the SBU also found and seized additional equipment[1, 2] that looked like mining rigs in the building used as barracks by a military unit of the National Guard of Ukraine, tasked with guarding the power plant.

    I highly doubt the power company is in the habit of buying computers which can accept 5 or 6 PCIe x16 cards. More than likely these guys bought the hardware themselves, and just set up the computers at work so they wouldn't have to pay for the electricity to run them.

    Connecting the internal network to the Internet is more serious, but I've seen executives from nearly every company I've been at ask for/demand exactly that. If this was the administrative network that was connected to the Internet, then the danger was an information breach, not loss of control of the power plant.

  • To be fair, as a former Eastern European, this doesn't sound farfetched. The culture of professionalism may be a bit spotty in the area, and I've seen similar things before.

    Maybe the funniest one I remember happened at Romanian semiconductor foundry "Microelectronica", back before the fall of communism (caveat though: may be apocryphal).

    The "Microelectronica" plant was spanking new at the time, using expensive imported production lines. It was designed to make (almost) state of the art integrated circuits,

  • I have read in crypto news here https://cryptolinks.com/crypto... [cryptolinks.com] that the Ukrainian secret service is investigating this as a breach, as that network stored information about the plant's security measures and other operational manuals.

Put your best foot forward. Or just call in and say you're sick.

Working...