Nation-State Hackers Hit Japanese Nuclear Facility

Nation-State Hackers Hit Japanese Nuclear Facility

A Japanese nuclear research facility has been hacked, resulting in the theft of 59,000 files.

The University of Toyama’s Hydrogen Isotope Research Center is one of the world leaders in tritium research. Tritium, also known as Hydrogen-3, is a radioactive isotope of hydrogen that is an important fuel for controlled nuclear fusion, and a key component of hydrogen bombs.

It is also one of the contaminants in the water building up at the Fukushima No. 1 nuclear plant.

The infiltrators stole the lab's tritium research, according to Japanese media, along with the personal details of 1,493 researchers. Attackers stole data in three batches: December 2015, March 2016 and June 2016.

The malware that was used in the breach was delivered via a spear-phishing attack in November of 2015, when a hacker posed as a Tokyo university student working on a research assignment. Investigators said that the malware samples they analyzed were also pre-programmed to search the victim's computer for the term IAEA, which is the acronym for the UN's International Atomic Energy Agency.

“The breach at the University of Toyama’s Hydrogen Isotope Research Center is a textbook example of the sort of cyber-threats facing academia,” said Vishal Gupta, CEO of Seclore, via email. “Researchers are extremely lucrative targets for nation-states, as it’s cheaper to invest in the theft of existing data then to conduct the research outright. As a result, academics must take steps to assure their work is safeguarded, especially when they are conducting nuclear research (which is prohibited in all but a handful of countries). Persistent security controls that work at the data level are needed in order to assure well intentioned research doesn’t end up in malicious hands.”

Last week, Yukiya Amano, director of IAEA, revealed to Reuters that bad actors targeted a nuclear power plant with a disruptive cyber-attack in 2014. He also cited a case four years ago in which an individual tried to smuggle a small amount of highly enriched uranium to create a dirty bomb. He declined to give details of either incident.

"This is not an imaginary risk," Amano told Reuters. "This issue of cyber-attacks on nuclear-related facilities or activities should be taken very seriously. We never know if we know everything or if it's the tip of the iceberg."

Photo © Igor Zh.

Source: Information Security Magazine