Spitfire List Web site and blog of anti-fascist researcher and radio personality Dave Emory.


Whose Drones Were Surveilling Nuclear Power Plants in France?


COMMENT: Late last year, a series of drone flights over nuclear power plants in France raised alarm. Although 3 people were detained and then released (apparently not engaged in sinister activity), questions remain about the large number of flights.

In the wake of the attacks on Charlie Hebdo and a kosher delicatessen in Paris, one wonders if some of the flights may have been preparatory to an attack of some kind?

IF, in fact, such an attack were to take place, things will become SERIOUSLY interesting.

“France Arrests 3 with Drones by Power Plant” by Dan Bilefsky; The New York Times; 11/7/2014.

Two men and a woman were questioned by the police on Thursday after being arrested in possession of two drones near the Belleville-sur-Loire nuclear power plant in central France, news agencies reported. The arrests follow a wave of at least 14 illegal drone flights over French nuclear plants in recent weeks, which have raised concerns about the security of the country’s main source of electricity. . . . .

. . . . From Oct. 5 to Nov. 2, guards at 13 nuclear plants, including some operated by the French electricity giant EDF, heard the buzzing of drones that the authorities have labeled an “organized provocation” aimed at “disrupting the surveillance chain and protection of these sites.” Officials said that the drones were not military, but rather civilian or commercial, and that they could be used to take photographs or record video of the plants.

Adding to the mystery, Ségolène Royal, the environment minister, has said that she does not have any leads on who was behind the flights. While she said she would not let anyone undermine France’s reputation for security at its nuclear plants, she added that the threat posed by the drone flights should neither be minimized nor exaggerated.

France has 19 nuclear plants and 58 reactors that supply nearly 75 percent of its electricity. . . .

 

 

Discussion

4 comments for “Whose Drones Were Surveilling Nuclear Power Plants in France?”

  1. Since it might be tempting to attribute these drones to environmental groups shooting footage for a video or demonstrating airspace vulnerabilities, note that Greenpeace, which has a history of protesting French nuclear plants, explicitly denied involvement:

    Agence France-Presse
    More drones spotted over French nuclear power stations

    Friday 31 October 2014 08.39 EDT

    French authorities detect drones over two nuclear power plants, the latest in a baffling series of incidents across the country

    French authorities said on Friday they had detected drones over two nuclear power plants, the latest in a baffling series of incidents across the country.

    A spokesman for security forces said: “Drone-type machines overflew two nuclear plants during the night. They were detected by police in charge of protecting the plants and staff.”

    “These machines were not neutralised because they did not represent a direct threat” to the nuclear facilities, the spokesman added.

    An enquiry has been launched, with a source close to the probe saying they were trying to find the pilot of the remote-controlled drones.

    The drone flights have sparked questions over the security of nuclear plants in France. The country relies heavily on nuclear energy for electricity.

    The interior ministry has stressed that a drone does not pose any concern for the plants which are “designed to withstand a strong earthquake or an airliner crashing into it”.

    It is against French law to fly within a five-kilometre (three-mile) radius of a nuclear plant. Those breaking this law are liable to one year in prison and a fine of €75,000 (£59,000).

    Environmental lobby group Greenpeace, whose activists have in the past staged protests at nuclear plants in France, has denied any involvement in the mysterious pilotless flight activity.

    France, the world’s most nuclear-dependent country, operates 58 reactors and has been a leading international cheerleader for atomic energy.

    But in a deal with the Greens before the 2012 parliamentary and presidential elections, President François Hollande’s Socialist party promised to cut reliance on nuclear energy from more than 75% to 50% by shutting 24 reactors by 2025.

    As France’s Interior Minister pointed out, those plants are “designed to withstand a strong earthquake or an airliner crashing into it”. Let’s hope so. But it’s also worth noting that, while the current threat to nuclear power plants from drones may be limited today, that’s not going to be the case tomorrow:

    Bloomberg View
    When Terrorists Have Drones
    Jul 22, 2014 1:14 PM EDT
    By The Editors

    A very small airplane rose over the Gaza Strip last week. It entered Israeli airspace and sped toward the coastal city of Ashdod. Then a Patriot missile blew it up.

    The plane, a rudimentary drone launched by the terrorist group Hamas, posed little threat. But Hamas promises more to come — including some intended for “suicide missions.”

    That suggests a vexing problem: As drones become more commonplace, what’s to stop terrorists from using them?

    Drones have an obvious appeal to the extremist mind. They’re hard to detect, controlled from afar and capable of flying into crowded or remote places, anywhere from a sports stadium to a power plant. They can be affixed with explosives or chemical agents. And no one has to die to complete the mission.

    In short, drones could combine the intimacy and stealth of a suicide bomber with the power and range of an armed aircraft.

    Concerns about a terrorist using a drone aren’t entirely hypothetical. Hezbollah has been flying them into Israeli airspace for a decade. Hamas claims to have three varieties. Al-Qaeda has planned to use remote-controlled planes for a range of brutal attacks. In 2012, a Massachusetts graduate student was imprisoned for plotting to strap plastic explosives to small drones and fly them into the Pentagon and the U.S. Capitol.

    None of these scenarios led to casualties. But other potential uses are unnerving: crop-dusting drones modified to disperse deadly chemicals, unmanned planes used as assassins, drones meant to attack critical infrastructure.

    It’s somewhat comforting to know that, for now, armed drones — the kind the U.S. uses in Pakistan and Afghanistan — probably remain beyond the reach of terrorists. And the payloads of most unarmed varieties on the market, even if modified to do harm, are probably insufficient to cause significant casualties or structural damage. Also: flying a drone isn’t a trivial skill and buying one still takes a lot of cash.

    But these challenges may not impede committed terrorists forever, as drones get cheaper, better and easier to find.

    Although there’s been some discussion of embedding unmanned aircraft with tracking software or “kill switches,” practical problems abound with such an approach. Unfortunately, reliably detecting such small and agile machines will probably be a challenge for years to come.

    By 2030, some 30,000 unmanned planes may be hovering overhead in the U.S., most of them devoted to worthy things such as agriculture and emergency response. All the more reason to start thinking now about how best to separate the good ones from the bad.

    “Although there’s been some discussion of embedding unmanned aircraft with tracking software or “kill switches,” practical problems abound with such an approach. Unfortunately, reliably detecting such small and agile machines will probably be a challenge for years to come.”

    Drone kill switches and tracking software. Could that be part of the future when everyone’s random hover drone comes with a vast range and the ability to carry large amounts of [insert scary thing here]? If so, you have to wonder what the odds are that the future ‘Snowden of drone surveillance’, one that reveals all the secret stuff governments start inserting into drone technology but somehow remains completely anonymous, is even human. The drones want to be free too. At least one of them.

    Posted by Pterrafractyl | January 17, 2015, 2:04 pm
  2. The future sport of drone hunting is probably going to be pretty addicting. Sometimes really addicting:

    CNET
    Drone carrying three kilos of meth crashes near US-Mexico border

    Tijuana shoppers experience a close encounter of an illegal kind after a drug-smuggling drone crash-lands in a store parking lot.

    by Anthony Domanico
    January 22, 2015 7:52 AM PST

    While Amazon, Google and others are exploring how to use drones to deliver merchandise to customers, drug smugglers in Mexico are turning to the remote-controlled aircrafts to deliver packages of a different kind.

    A drone carrying methamphetamines crashed into a parking lot at a shopping center in Tijuana on Tuesday. According to AP, the Tijuana Police Department announced on Wednesday that the drone crashed near the San Ysidro border crossing. The police told U-T San Diego that the drone likely was being used to ferry drugs between neighborhoods and not across the heavily guarded US-Mexico border where the drone had better chances of being spotted.

    Six packets of meth, weighing about 6.6 pounds, were taped to the underside of a six-propeller drone. Authorities are investigating who was flying the drone and from where the flight originated. Police believe the drone is a DJI Spread Wings S900, which can fly autonomously, which could make tracking down the responsible party more challenging.

    This isn’t the first time Tijuana police have seen drones used to transport drugs. Drone smuggling is just the latest in a string of ways drug runners are trying to traffic their product within and outside of Mexico. Previous smuggling efforts made use of catapults, extensive tunnels and — I kid you not — a pneumatic pot cannon that attempted to transport drugs across the US-Mexico border.

    Good luck drone hunters. Of course, one of the risks highlighted in this story is that your hunting dogs you send out to find the downed drone might end up consuming the drone’s contents before you get there. Uh oh. Fido needs an upgrade.

    Posted by Pterrafractyl | January 22, 2015, 3:35 pm
  3. Seven Iranian hackers were just charged with a number of hacking attempts on dozens of US institutions, the vast majority of targets being major banks. And while a major bank hacked is potentially going to result in a very nasty financial bath, if you happen to live near one of the hacking targets, you may have barely avoided a very nasty actual bath:

    Reuters

    U.S. indicts Iranians for hacking dozens of banks, New York dam

    WASHINGTON/BOSTON | By Dustin Volz and Jim Finkle
    Fri Mar 25, 2016 11:13am EDT

    Seven Iranian hackers conducted a coordinated cyber attack on dozens of U.S. banks, causing millions of dollars in lost business, and tried to shut down a New York dam, the U.S. government said on Thursday in an indictment that for the first time accused individuals tied to another country of trying to disrupt critical infrastructure.

    It said the seven accused were believed to have been working on behalf of Iran’s government and the Islamic Revolutionary Guard. Those named live in Iran and the Iranian government is not expected to extradite them. There was no immediate comment from Tehran.

    At least 46 major financial institutions and financial sector companies were targeted, including JPMorgan Chase (JPM.N), Wells Fargo (WFC.N) and American Express (AXP.N), the indictment said. AT&T (T.N) also was targeted.

    The hackers are accused of hitting the banks with distributed-denial-of-service attacks on a near-weekly basis, a relatively unsophisticated way of knocking computer networks offline by overwhelming them with a flood of spammed traffic.

    “These attacks were relentless, they were systematic, and they were widespread,” U.S. Attorney General Loretta Lynch told a Washington news conference.

    The indictment from a federal grand jury in New York City said the attacks occurred from 2011 to 2013. Washington has previously accused military officers from China and the North Korean government of cyber attacks against U.S. businesses.

    The attack on the Bowman Avenue Dam in Rye Brook, New York, was especially alarming, Lynch said, because it represented a known intrusion on critical infrastructure. A stroke of good fortune prevented the hackers from obtaining operational control of the flood gates because the dam had been manually disconnected for routine maintenance, she said.

    The Bowman hack was a “game-changing event” for the U.S. government that prompted investigators to uncover other systems vulnerable to similar attacks, said Andre McGregor, a former FBI agent and a lead case investigator on the dam intrusion.

    “The investigation’s discovery of many more exposed computer systems with vulnerable management consoles is a constant reminder that basic cyber hygiene remains at the forefront of the battle against cyber attacks,” said McGregor, now director of security at Tanium, a Silicon Valley cyber security firm.

    “We must step up our counter-hacking game ASAP to deal with threats from places like Iran and would be terrorists,” said New York Senator Chuck Schumer in a statement.

    Cyber security experts and U.S. intelligence officials have grown more alarmed in recent months by the possibility of destructive hacks of critical infrastructure such as dams, power plants and factories. Some have said a December cyber attack on the Ukraine’s energy grid that caused a temporary blackout of 225,000 should serve as a wake-up call.

    The U.S. and Israel launched a cyber attack against Iran in 2010, now famously known as the Stuxnet worm, in order to disable Iran’s nuclear centrifuges. Some security researchers and officials have long suspected the attacks against U.S. banks and the dam were done in part as retaliation.

    “The attack on the Bowman Avenue Dam in Rye Brook, New York, was especially alarming, Lynch said, because it represented a known intrusion on critical infrastructure. A stroke of good fortune prevented the hackers from obtaining operational control of the flood gates because the dam had been manually disconnected for routine maintenance, she said.”
    Good ol’ dumb luck, the best unreliable defense around. It kind of raises the question of just what these hackers would have done had they actually obtained operational access to the flood gates? Would there have been a major flooding event in retaliation for the US/Israeli Stuxnet attacks? That seems highly unlikely given the potentially devastating US response, which is a reminder that, as scary as these kinds of state-backed hacking capabilities of critical infrastructure are in the age of the internet, they’re probably a lot less scary than non-state actors with similar capabilities. After all, as long as this is a state vs state activity, the logic of MADness can hopefully still keep things at least somewhat in check.

    For instance, just imagine if ISIS, a suicidal “state”, had similar hacking capabilities and not just for critical infrastructure like dams but the kind that can literally go “critical”: nuclear plants. And beyond hacking, just imagine if ISIS had the ability to infiltrate nuclear facilities and either steal radioactive material or cause a meltdown. Would fear of a massive, overwhelming retaliatory attack really dissuade ISIS from attempting to turn nuclear facilities into giant dirty bombs? It’s kind of hard to enter into an informal quid pro quo MADness agreement with an insane suicidal enemy:

    The New York Times

    Belgium Fears Nuclear Plants Are Vulnerable

    By ALISSA J. RUBIN and MILAN SCHREUER
    MARCH 25, 2016

    BRUSSELS — As a dragnet aimed at Islamic State operatives spiraled across Brussels and into at least five European countries on Friday, the authorities were also focusing on a narrower but increasingly alarming threat: the vulnerability of Belgium’s nuclear installations.

    The investigation into this week’s deadly attacks in Brussels has prompted worries that the Islamic State is seeking to attack, infiltrate or sabotage nuclear installations or obtain nuclear or radioactive material. This is especially worrying in a country with a history of security lapses at its nuclear facilities, a weak intelligence apparatus and a deeply rooted terrorist network.

    On Friday, the authorities stripped security badges from several workers at one of two plants where all nonessential employees had been sent home hours after the attacks at the Brussels airport and one of the city’s busiest subway stations three days earlier. Video footage of a top official at another Belgian nuclear facility was discovered last year in the apartment of a suspected militant linked to the extremists who unleashed the horror in Paris in November.

    Asked on Thursday at a London think tank whether there was a danger of the Islamic State’s obtaining a nuclear weapon, the British defense secretary, Michael Fallon, said that “was a new and emerging threat.”

    While the prospect that terrorists can obtain enough highly enriched uranium and then turn it into a nuclear fission bomb seems far-fetched to many experts, they say the fabrication of some kind of dirty bomb from radioactive waste or byproducts is more conceivable. There are a variety of other risks involving Belgium’s facilities, including that terrorists somehow shut down the privately operated plants, which provide nearly half of Belgium’s power.

    The fears at the nuclear power plants are of “an accident in which someone explodes a bomb inside the plant,” said Sébastien Berg, the spokesman for Belgium’s federal agency for nuclear control. “The other danger is that they fly something into the plant from outside.” That could stop the cooling process of the used fuel, Mr. Berg explained, and in turn shut down the plant.

    The revelation of the video surveillance footage was the first evidence that the Islamic State has a focused interest in nuclear material. But Belgium’s nuclear facilities have long had a worrying track record of breaches, prompting warnings from Washington and other foreign capitals.

    Some of these are relatively minor: The Belgian nuclear agency’s computer system was hacked this year and shut down briefly. In 2013, two individuals managed to scale the fence at Belgium’s research reactor in the city of Mol, break into a laboratory and steal equipment.

    Others are far more disconcerting. In 2012, two employees at the nuclear plant in Doel quit to join jihadists in Syria, and eventually transferred their allegiances to the Islamic State. Both men fought in a brigade that included dozens of Belgians, including Abdelhamid Abaaoud, considered the on-the-ground leader of the Paris attacks.

    One of these men is believed to have died fighting in Syria, but the other was convicted of terror-related offenses in Belgium in 2014, and released from prison last year, according to Pieter Van Oestaeyen, a researcher who tracks Belgium’s jihadist networks. It is not known whether they communicated information about their former workplace to their Islamic State comrades.

    At the same plant where these jihadists once worked, an individual who has yet to be identified walked into the reactor No. 4 in 2014, turned a valve and drained 65,000 liters of oil used to lubricate the turbines. The ensuing friction nearly overheated the machinery, forcing it to be shut down. The damage was so severe that the reactor was out of commission for five months.

    Investigators are now looking into possible links between that case and terrorist groups, although they caution that it could also have been the work of an insider with a workplace grudge. What is clear is that the act was meant to sow dangerous havoc — and that the plant’s security systems can be breached.

    “This was a deliberate act to take down the nuclear reactor, and a very good way to do it,” Mr. Berg, the nuclear agency spokesman, said of the episode in a recent interview.

    These incidents are now all being seen in a new light, as information is mounting from investigators that the terrorist network that hit Paris and Brussels may have been in the planning stages of some kind of operation at a Belgian nuclear facility.

    Three men linked to the surveillance video were involved in either the Paris or the Brussels attacks.

    Ibrahim and Khalid el-Bakraoui, the brothers who the authorities say were suicide bombers at the Brussels airport and subway station, are believed to have driven to the surveilled scientist’s home and removed a camera that was hidden in nearby bushes. The authorities believe they then took it to a house connected to Mohammed Bakkali, who was arrested by the Belgian police after the Paris attacks and is accused of helping with logistics and planning. The police found the videocamera during a raid on the house.

    Belgium has both low-enriched uranium, which fuels its two power plants, and highly enriched uranium, which is used in its research reactor primarily to make medical isotopes, plus the byproducts of that process. The United States provides Belgium with highly enriched uranium — making it particularly concerned about radioactive materials landing in terrorist hands — and then buys isotopes.

    Experts say the most remote of the potential nuclear-related risks is that Islamic State operatives would be able to obtain highly enriched uranium. Even the danger of a dirty bomb is limited, they said, because much radioactive waste is so toxic it would likely sicken or kill the people trying to steal it.

    Cheryl Rofer, a retired nuclear scientist at the Los Alamos National Laboratory and editor of the blog Nuclear Diner, said Belgium’s Tihange nuclear plant has pressurized water reactors, inside a heavy steel vessel, reducing the danger that nuclear fuel could leak or spread. She said that the Brussels bombers’ explosive of choice, TATP, might be able to damage parts of the plant but that the damage would shut down the reactor, limiting the radiation damage.

    And if terrorists did manage to shut down the reactor and reach the fuel rods, they would have to remove them with a crane to get the fuel out of them, Ms. Rofer said. And then the fuel would still be “too radioactive to go near — it would kill you quickly.”

    While experts are doubtful that terrorists could steal the highly enriched uranium at the Mol reactor without alerting law enforcement, some nuclear scientists do believe that if they could obtain it, they could recruit people who know how to fashion a primitive nuclear device.

    Matthew Bunn, a specialist in nuclear security at Harvard’s John F. Kennedy School of Government, said another worry was the byproducts of the isotopes made at Mol, such as Cesium-137.

    “It’s like talcum powder,” he said. “If you made a dirty bomb out of it, it’s going to provoke fear, you would have to evacuate and you have to spend a lot of money cleaning it up; the economic destruction cost could be very high.”

    The discovery of the surveillance video in November set off alarm bells across the small nuclear-security community, with fresh worries that terror groups could kidnap, extort or otherwise coerce a nuclear scientist into helping them. The official whose family was watched works at Mol, one of five research reactors worldwide that produce 90 percent of the radio isotopes used for medical diagnosis and treatment.

    Professor Bunn of Harvard noted that the Islamic State “has an apocalyptic ideology and believes there is going to be a final war with the United States,” expects to win that war and “would need very powerful weapons to do so.”

    “And if they ever did turn to nuclear weapons,” he added, “they have more people, more money and more territory under their control and more ability to recruit experts globally than Al Qaeda at its best ever had.”

    “On Friday, the authorities stripped security badges from several workers at one of two plants where all nonessential employees had been sent home hours after the attacks at the Brussels airport and one of the city’s busiest subway stations three days earlier. Video footage of a top official at another Belgian nuclear facility was discovered last year in the apartment of a suspected militant linked to the extremists who unleashed the horror in Paris in November.”
    Yeah, ISIS surveillance videos of top nuclear facility officials are definitely a reason to fear your facilities are vulnerable. Especially when it appears that ISIS recruited some of your former employees and an unknown individual effectively sabotaged one of your reactors:


    Others are far more disconcerting. In 2012, two employees at the nuclear plant in Doel quit to join jihadists in Syria, and eventually transferred their allegiances to the Islamic State. Both men fought in a brigade that included dozens of Belgians, including Abdelhamid Abaaoud, considered the on-the-ground leader of the Paris attacks.

    One of these men is believed to have died fighting in Syria, but the other was convicted of terror-related offenses in Belgium in 2014, and released from prison last year, according to Pieter Van Oestaeyen, a researcher who tracks Belgium’s jihadist networks. It is not known whether they communicated information about their former workplace to their Islamic State comrades.

    At the same plant where these jihadists once worked, an individual who has yet to be identified walked into the reactor No. 4 in 2014, turned a valve and drained 65,000 liters of oil used to lubricate the turbines. The ensuing friction nearly overheated the machinery, forcing it to be shut down. The damage was so severe that the reactor was out of commission for five months.

    Well that’s as ominous as it gets when it comes to nuclear security. Or, rather, almost as ominous as it gets. It can get more ominous:

    Vice News

    Security Guard’s Murder Fuels Fears That Nuclear Plants in Belgium Could Be Attacked

    By Tess Owen
    March 26, 2016 | 11:10 am

    With Brussels still reeling in the aftermath of the deadly bombings this week, the murder of a nuclear power plant security guard and the theft of his badge has compounded fears that Belgium’s two sprawling nuclear plants could be vulnerable to attacks.

    The security guard was found dead in his home in Charleroi, a post-industrial region known for its derelict factories and slag heaps. Didier Prospero, who worked for US-owned security company G4S, was discovered shot dead in his bathroom on Thursday night. Belgian daily Derniere Heure (DH) reported that Prospero’s children found him, and that his dog had also been shot. His security pass was missing but deactivated after his body was found, DH said.

    A police spokesperson was unable to provide VICE News with further information about the case due to the ongoing investigation. Belgian prosecutors told DH that they had not found any correlation between the guard’s murder and terrorism. Nevertheless, the timing of his death days after the bombings in Brussels fueled concerns that militants could be trying to get their hands on materials to build a radioactive dirty bomb.

    Hours after suicide bombings rocked Brussels transport hubs on Tuesday, killing 31 people and injuring hundreds, Belgium’s Tihange nuclear plant was partially evacuated, and all workers who were not strictly necessary were sent home early. The head of Belgium’s nuclear regulatory agency said on Tuesday that, while there were no direct threats to the plant, the move to partial-evacuation was “based on new information and the events of [Tuesday]. Extra security measures were taken.”

    However, the claim that there hadn’t been a direct threat mounted against Belgium’s nuclear infrastructure isn’t entirely accurate. In February, Belgian authorities discovered 10-hours worth of secretly recorded video footage showing one of the country’s top nuclear scientists coming and going from his home. The material was discovered during a counter-terrorism raid on the home of Mohamed Bakkali, who was arrested and charged with terrorism and murder associated with the November 13 Paris attacks. Ibrahim and Khalid el-Bakraoui — brothers who authorities believe were the alleged suicide bombers at Brussels’ airport and subway — are suspected to have planted the camera, which was hidden in bushes near the scientist’s house.

    Experts and officials have contended that surveilling the nuclear official, who had access to secure areas of a nuclear research facility in Mol, was part of a grander scheme to take him hostage and force him to hand over radioactive material.

    DH reported on Thursday that the suicide bombers who self-detonated on Tuesday were originally planning an attack on nuclear facilities. However, as Belgian police started closing in on their extremist network and arrested suspected terrorists such as Salah Abdeslam, DH said, militants were under pressure to carry out an attack as soon as possible, and abandoned the grander plan of targeting Belgium’s nuclear infrastructure.

    Sébastien Berg, the spokesman for Belgium’s federal agency for nuclear control said a potential attack poses a number of risks. First, that terrorists infiltrate the plant and shut down their operations, which would send about half the country into a blackout.

    Another fear, Berg said, was of “an accident in which someone explodes a bomb inside the plant.” Lastly, Berg said, “the other danger is that they fly something into the plant from outside,” which would stop the cooling process of the fuel and force the plant to shut down.

    Until two years ago, security around the plants was fairly lax. In 2014, Belgian officials installed security cameras and developed a plan to combat cyberattacks. They also mandated that all employees move in groups to avoid sabotage by a lone wolf.

    Just 11 days before the attacks shook Brussels, Belgium’s two nuclear facilities — which contain seven reactors — were guarded by unarmed security personnel. On March 11, the Belgian government deployed 140 troops to beef up security at the nuclear facilities, a temporary solution until a new armed police force is trained to take over.

    “DH reported on Thursday that the suicide bombers who self-detonated on Tuesday were originally planning an attack on nuclear facilities. However, as Belgian police started closing in on their extremist network and arrested suspected terrorists such as Salah Abdeslam, DH said, militants were under pressure to carry out an attack as soon as possible, and abandoned the grander plan of targeting Belgium’s nuclear infrastructure.”
    That’s right, the attacks in Brussels were basically the rushed Plan B for the terror-network. Plan A was some sort of nuclear attack, and with the head of security guard for the national radioactive elements institute at Fleurus murdered after the Brussels attack, it’s rather unclear just how abandoned Plan A really is at this point. It seems ongoing. And as we saw in the above article, it’s the nuclear research facilities that hold the highly-enriched uranium that could be used to build an actual primitive nuclear bomb:


    Belgium has both low-enriched uranium, which fuels its two power plants, and highly enriched uranium, which is used in its research reactor primarily to make medical isotopes, plus the byproducts of that process. The United States provides Belgium with highly enriched uranium — making it particularly concerned about radioactive materials landing in terrorist hands — and then buys isotopes.

    While experts are doubtful that terrorists could steal the highly enriched uranium at the Mol reactor without alerting law enforcement, some nuclear scientists do believe that if they could obtain it, they could recruit people who know how to fashion a primitive nuclear device.

    All in all, it’s pretty clear that not only does ISIS want nukes, it’s actively planning on obtaining them and may have already infiltrated the nuclear energy workforce. So let’s hope EVERY nuclear facility on the planet is slated for a major security upgrade soon. Also keep your fingers crossed for more dumb luck. We’re going to need it.

    Posted by Pterrafractyl | March 26, 2016, 3:43 pm
  4. Another piece of critical civilian infrastructure was recently hacked. This time it was a water treatment plant, where the levels of chemicals used to treat the water were modified multiple times by the hackers. Like a number of these types of hacks, there was a familiar good news/bad news dynamic: the good news is that the hack doesn’t seem to be due to some sort of super-hackers but instead appears to be largely a consequence of appallingly bad security practices by the treatment plant. The bad news, of course, is that this critical piece of infrastructure had appallingly bad security. So, like many security breaches of this nature, the good news is also the bad news:

    International Business Times

    Hackers hijacking water treatment plant controls shows how easily civilians could be poisoned

    By Mary-Ann Russon
    March 23, 2016 16:17 GMT

    A group of hackers managed to infiltrate a water treatment plant and change the levels of chemicals being used to treat tap water four times during the cyberattack, security researchers report.

    The potential trouble caused by hacking critical infrastructure has become a key cybersecurity concern in recent months. In December 2015, cyberattacks against three Ukrainian power companies caused widespread power outages in multiple central and regional facilities, hitting 225,000 customers. In January, Israel’s Electricity Authority (IEA) was victim of a ransomware attack that paralysed some of the computers on its network for over two days.

    Verizon Security Solutions is the cybersecurity arm of Verizon’s enterprise services for businesses, and the security firm is frequently called in by corporations to deal with cybersecurity threats. Verizon states in its latest report that a group of hackers who have been previously associated with hacktivism campaigns succeeded in breaching a water treatment facility.

    Due to the sensitive nature of the breach, which gave the hackers access to the personal and financial records of over 2.5 million customers, Verizon is not releasing the name of the water company or the country it resides in, referring to the company by the fake moniker “Kemuri Water Company” (KWC).

    Water company using 1980s IBM server

    Verizon says the breach happened as the water company had been using operating systems over a decade old to run its entire IT network (we’re guessing Windows XP), and because the entire IT network relied on a single ancient IBM Application System/400 (AS/400) server, released back in 1988.

    This server was used to connect not just the firm’s internal IT network but also the operational technology (OT) systems that control the water treatment facility, which managed the water supply and metering water usage for a number of neighbouring counties, and best of all, only one employee in the whole company was capable of dealing with the ancient AS/400 system.

    KWC asked Verizon to assess their networks for indications of a security breach as the company’s IT team had detected unauthorised access to the OT systems of the water district, and in the two months prior to reporting the breach, KWC had noticed an unexplainable pattern of valve and duct movements that seemed to be manipulating hundreds of Programmable Logic Controllers (PLCs).

    The hackers breached the KWC’s systems by exploiting a vulnerability in the web-accessible payments system and using it to get into the company’s web server. Verizon’s researchers realised that the IP addresses of the attackers corresponded with those of hackers who had previously carried out hacktivist campaigns, and it is thought that the hackers’ motives might concern Syria, so perhaps these hackers are affiliated with a larger hacking collective like Anonymous.

    Hackers may have been unaware of what they could actually do

    The researchers say that although the hackers had access to over 2.5 million customer records, luckily the hackers never sought to use the information from the accounts, and it is very likely that the hackers didn’t even realise that they were manipulating tap water chemical levels as the way they modified application settings showed very little knowledge of how the flow control system worked.

    In the end, KWC was able to identify and reverse the chemical and flow changes in time, so the impact on customers was largely minimised and nobody got ill – but it could have been so much worse.

    “KWC’s breach was serious and could have easily been more critical. If the threat actors had a little more time, and with a little more knowledge of the ICS/SCADA system, KWC and the local community could have suffered serious consequences,” Verizon’s researchers write in the report.

    “Having internet facing servers, especially web servers, directly connected to SCADA management systems is far from a best practice. Many issues like outdated systems and missing patches contributed to the data breach — the lack of isolation of critical assets, weak authentication mechanisms and unsafe practices of protecting passwords also enabled the threat actors to gain far more access than should have been possible.”

    “Having internet facing servers, especially web servers, directly connected to SCADA management systems is far from a best practice. Many issues like outdated systems and missing patches contributed to the data breach — the lack of isolation of critical assets, weak authentication mechanisms and unsafe practices of protecting passwords also enabled the threat actors to gain far more access than should have been possible.”
    Yes, the security practices were most certainly ‘far from a best practice’, which is what caused such a dangerous situation, as opposed to super-hacking capabilities. Good news! And horrifying news.

    Posted by Pterrafractyl | April 2, 2016, 5:27 pm
