How an employee hacked a nuclear power plant to make money

The cryptocurrencies fever has led many interested parties to commit crazy acts in order to make a profit easily and without spending too many resources. Network security experts report that Ukrainian authorities are investigating a potential security breach related to the mining of virtual assets at a nuclear power plant.

The incident occurred at the Yuzhnoukrainsk nuclear plant in southern Ukraine. Apparently, a group of employees decided to connect a portion of the plant’s internal networks to the public Internet in order to use the facility’s computer resources to mine cryptocurrencies.

As a nuclear power plant, whose operations are considered classified information of the Ukrainian government, the country’s Secret Service began investigating the incident of security breaches in critical infrastructure.

For network security experts collaborating with the Ukrainian government, perpetrators could have used this incident as an access point to the nuclear plant systems for the purpose of extracting classified information, such as blueprints, data on their defense mechanisms, among other confidential details.

It is not yet known how this intrusion was detected, but it has been revealed that last July the Ukrainian Secret Service raided the nuclear plant’s facilities and confiscated the computer equipment from which employees would have operated this mine scheme cryptocurrency. In addition, reports show that mining was controlled from the plant’s administrative staff offices, not from the industrial network.

As part of the investigation, the Ukrainian authorities confiscated two metal boxes filled with computer parts, external power sources, cooling systems and video cards. At least a dozen employees were singled out as accomplices to this conspiracy, although so far no single arrest has been made; authorities have not yet ruled out the possible involvement of military members of the plant in this scheme.

Network security experts believe that recent news about the increase in the value of some virtual assets may have influenced these employees’ plans. In addition, it is a fact that these operations can prove redeemable, especially if the computer resources of other people’s computers are used, an attack known as ‘cryptojacking’.

Unfortunately this is not the first time that employees of a government institution abuse access to the public computing resources to mine cryptocurrencies. About a year ago, the Russian intelligence agency arrested a group of engineers from the Russian Nuclear Center after discovering that they were using the agency’s supercomputer to mine various cryptocurrencies.

A similar incident occurred in Australia, when a group of government employees took advantage of the Office of Meteorology’s IT infrastructure to try to mine Bitcoin. As reported by network security specialists from the International Institute of Cyber Security (IICS), employees connected their own mining platform to the Office’s networks, allowing them to take advantage of a large amount of resources from government computers.