Computer systems of the agency in charge of America’s nuclear weapons stockpile are “under constant attack” and face millions of hacking attempts daily, said officials at the National Nuclear Security Administration (NNSA).
The agency faces cyber attacks from a “full spectrum” of hackers, said Thomas D’Agostino, head of the agency.
“They’re from other countries’ [governments], but we also get fairly sophisticated non-state actors as well,” he said. “The [nuclear] labs are under constant attack, the Department of Energy is under constant attack.”
A spokesman for the agency said the Nuclear Security Enterprise experiences up to 10 million “security significant cyber security events” each day.
“Of the security significant events, less than one hundredth of a percent can be categorized as successful attacks against the Nuclear Security Enterprise computing infrastructure,” the spokesman said, which puts the maximum number at 1,000 daily.
The agency wants to beef up its cyber security budget from $126 million in 2012 to $155 million in 2013 and has developed an “incident response center” responsible for identifying and mitigating cyber security attacks.
In April of last year, the Department of Energy’s Oak Ridge National Laboratory was successfully hacked and several megabytes of data stolen, D’Agostino said. Internet access for lab workers ended up disconnected following the breach.
Adam Segal, a cyber security expert with the Council on Foreign Relations, said it’s likely that a majority of those 10 million daily attacks are automated bots “constantly scanning the Internet looking for vulnerabilities.”
“The numbers are kind of inflated on that front,” Segal said, adding that it’s extremely unlikely that hackers would be able to remotely launch a nuclear warhead, because those systems are “airgapped” or disconnected from standard Internet systems. But the Stuxnet computer worm, discovered in 2010, widely spread to supposedly-secure uranium enrichment plants in Iran, Indonesia and India, shutting those systems down.
The NNSA said they are not aware of any viruses or malware that could remotely launch a nuclear warhead, but the “Stuxnet worm is a very real example of how sophisticated malware can cause physical damage to industrial systems.”
Segal said Stuxnet was a lesson — no matter how secure a computer system is, it can always suffer a breach.
“Stuxnet showed that airgapping is not a perfect defense,” Segal said. “Even in secure systems, people stick in their thumb drives, they go back and forth between computers. They can find vulnerabilities that way. If people put enough attention to it, they can possibly be penetrated.”
D’Agostino said with the agency facing so many hacking attempts, its employees have to remain vigilant.
“All it takes is one person to let their guard down,” he said. “This is going to be, in my view, an ever-growing area of concern.”
Segal said any successful hackers would likely have to have an intimate knowledge of the programming languages used by the Department of Energy.
“There’d probably have to be a state-based actor behind it. You have to understand a lot about the systems,” he said. “Hacking into the Department of Energy and looking for nuclear secrets — how to build a bomb — is probably much easier than trying to take over a bomb or a launch code, and probably of more interest to the Russians or the Chinese or the Iranians.”