Cryptojacking at a Ukrainian Nuclear Plant
What do you do when you have access to a massive electrical power source and you’re looking to make a bit more money? The staff at the state owned South Ukraine Nuclear Power Plant in Yuzhnoukrainsk reckoned that a recent spike in cryptocurrency trading prices provided the perfect incentive to hook up their mining rigs to the plant’s internal administrative network.
It wasn’t the first time that cryptocurrency miners hacked into networks to mine cryptocurrencies. This process is also often called cryptojacking: a cryptojacker “finds a way to harness the processing power of computers she doesn’t own — or pay the electrical bills on,” as Wired explains it.
Vinay Gupta, a blockchain strategist who — among others — helped coordinate the second largest cryptocurrency Ethereum’s 2015 release, tells me that people have long used computing resources to illicitly mine bitcoin. “Usually this story is inconsequential – say a few thousand machines in a university,” says Gupta.
Cryptojacking was a major problem in 2018, when a mining startup called Coinhive launched an easy-to-use mining module — a tool which was used by malicious groups to exploit highly trafficked websites.
“Malicious miners have shown up on mobile devices, in cloud infrastructure, on Internet of Things gadgets, and even in critical infrastructure,” Wired reported at the end of 2018.
Hacking into power plants obviously poses all kinds of security risks, and the case in Ukraine wasn’t the first. Here’s a quick primer from ZDNET listing a few other incidents:
- February 2018: Russian authorities arrest engineers from the Russian Nuclear Center for using the agency’s supercomputer to mine cryptocurrency.
- March 2018: Australian officials begin investigating staff using their work computers to mine cryptocurrency at the Bureau of Meteorology.
- April 2018: an employee at the Romanian National Research Institute for Nuclear Physics and Engineering is caught mining cryptocurrency at work.
In Ukraine, the Ukrainian Secret Service (SBU) is investigating the incident as a potential breach of state secrets, some additional equipment, which looked like mining rigs were seized in a structure used as barracks by a military unit of the National Guard of Ukraine, tasked with guarding the power plant.
Illegally sourcing power to mine cryptocurrencies is a crime, of course, but hooking your rigs up to a nuclear power plant constitutes a national security threat. According to the Ukrainian new site UNIAN, the mining led the plant to be connected to the internet, which could have exposed a number of vulnerabilities.
“I thought at first, it is quite funny,” blockchain and mining scholar Alex Norta tells me about the incident. “Why aren’t all big miners going straight to power plants for procuring electricity to mine? That happens in China and other countries.” The staff involved could have mined cryptocurrency without connecting the plant to the internet, he explains.
Norta says the power plant in Ukraine should have been better protected. “If that nuclear power plant would have been secured properly, it wouldn’t be possible,” he says.