The Security Service of Ukraine has found unauthorized cryptomining set ups in facilities South Ukrainian Nuclear Power Plant facilities Internet UA reports.
One system was found in “Office 104” and another in dormitory facilities housing members of the Ukrainian National Guard, who are tasked with protecting the plant.
Evidence suggests members of the National Guard may have been responsible for the set ups, and a criminal investigation has been launched.
Internet UA says authorities are particularly concerned about the find because the computers involved in the operation somehow, “disclosed (information) about the physical protection of the station, which is a state secret.”
From “Office 104” authorities seized:
“…six Radeon RX 470 video cards, two risers (extension cords that are used to connect additional video cards to the motherboard…), four power supplies, three system units (one of them home-made), a switch with a block power supply, a switch without a power supply, a metal bracket with three video cards, seven raisers and five cables to the raisers, a motherboard, (and) a USB flash drive and a hard drive. A metal frame was also removed, on which a motherboard, three coolers (fans), five video cards, a hard drive and two power supplies were mounted.”
At the barracks housing military unit 3044 of the National Guard of Ukraine, investigators located, “16 video cards, a system unit with the inventory number of the military unit, seven hard drives, two solid-state drives, a USB flash drive and a router…(as well as a) CTC union media converter, fiber-optic and network cables.”
Internet AU writes that, following an investigation commenced on the second anniversary of Russia’s “NotPetya” virus attack on Ukraine vital infrastructure, researchers discovered, “a number of safety problems at the Energoatom National Atomic Energy Company – Technological schemes of the reactor shop of the South Ukrainian NPP (nuclear power plant) and a lot of information on other NPPs were discovered in the public domain.”
Ukrainian cyber activists have been otherwise busy when it comes to disclosing risks to the Ukraine’s nuclear infrastructure, Internet AU writes:
“(A)ctivists of the #fuckresponsibledisclosure flash mob initiated by the Ukrainian Cyber Alliance, beginning in 2017, regularly found security problems at Energoatom and the leakage of NAEC documents. In particular, in October 2018, information security expert Alexander Galushchenko discovered in open accessdocuments related to the work of the South Ukrainian Nuclear Power Plant.”
“A year earlier, in December 2017, a hacktivist, known on the network under the nickname Dmitry Orlov, reported a data leak at the Zaporizhzhya NPP . He discovered in open access the internal documentation of the Zaporizhzhya NPP…(including documents describing the) technical condition of the nuclear safety facility, service notes, leakproofness analysis of TVEL TVS shells and so on.”
“On March 19 this year, the police opened criminal proceedings.upon unauthorized interference in the operation of computer networks of OP Zaporizhzhya NPP SE NAEK Energoatom. Then, three employees of the nuclear safety department of the Zaporizhzhya NPP, including its head, were (identified as) involved in a data leak at the local branch of the SBU.”
It is not uncommon for cryptominers across the globe to try to pass the energy costs of cryptomining onto other parties.
The investigation into unauthorized cryptocurrency mining at the Ukraine nuclear power facility is said to be ongoing.