A nuclear power plant has been targeted by bitcoin hackers in the city of Yuzhnoukrainsk in south Ukraine near the country’s capital of Kiev.
How a Nuclear Power Plant and Crypto Came Together
The case marks the first time a plant like this has been compromised in the name of cryptocurrency. Usually, hackers are known for targeting either cryptocurrency exchanges, trading platforms, individual wallets and even government agencies. This time, however, nuclear power is the victim in question.
During a raid on the plant, two bitcoin mining rigs were seized from an administrative wing, as well as network and fiber-optic cables. The situation is particularly dangerous in that the mining could have potentially triggered something to go wrong in the plant’s operations, which could have led to serious problems including a meltdown.
That very same day, a National Guard of Ukraine found additional mining equipment within the plant including several hard drives and GPU video cards. They also found routers and two solid-state drives. All these items and more were discovered within the barracks of the guards that were tasked with watching over the plant. Thus, it’s believed that those employed to work within the plant may be responsible for the hack.
While nobody was hurt due to the event, it appears classified information regarding the plant’s protection system may have fallen into the wrong hands. At press time, it’s unclear if the information was delivered purposely or who may have access to it. It’s also unclear if the data was, in fact, compromised, or if perhaps just the potential to release the information was there.
Nevertheless, several people are likely to be charged in connection with the incident, and authorities are unclear if the National Guard was at the center of it all.
Phil Neray, vice president of industrial cybersecurity at CyberX, believes that the materials and devices uncovered during the raid were likely there for many months. He believes that a “trust but verify” security model is necessary for businesses like these considering the amount of private and confidential information they house. He states:
Even with the strictest policies and regulations in the world, it’s all theoretical if you aren’t continuously monitoring for unusual or unauthorized activity.
You’ve Got to Take Productive Measures
While past cyberattacks don’t compare with what’s stated above, the situation is clear: security surrounding cryptocurrency and blockchain operations is not what it could be. While this didn’t necessarily pertain to crypto specifically, it did involve mining rigs and the process of accessing or extracting new coins. Clearly, the security at the power plant was not strong enough and individuals in charge either had no idea that this was going on or were potentially in on it themselves.
Operations like this should require necessary background checks and several additional steps to ensure those in charge of security will do their jobs well.