On one hand, that's good, because it means that there's no obvious, immediate threat to life and limb or the risk of every nuclear reactor suddenly switching itself off. On the other, the hackers reportedly sent malware-laden CVs to key employees who have access to critical nuclear systems. The intention is either to watch those systems for intelligence gathering, or to obtain credentials that could be used in a later breach. It's a method that certain, anonymous, experts have told the Times matches the MO of the Russian hacking group Energetic Bear.
2017 is shaping up to be a very big year in the not-so cold war between nation state-level hackers and the countries that they target. We've already seen the NotPetya worm take down systems in the US, Russia, Europe and Ukraine, as well as malware attacks like WannaCry. Private sector attacks are also on the increase, with big names like Chipotle, OneLogin and the companies that make voting machines. Let's hope that the White House's initiative to harden the US against cyber intrusion is successful, or else this will keep being a threat.