For HomeFor BusinessFor Partners
Industry News
3 min read

US nuclear reactor safety regulators hacked three times in three years

Graham CLULEY

August 20, 2014

Promo Protect all your devices, without slowing them down.
Free 30-day trial
US nuclear reactor safety regulators hacked three times in three years

The United States Nuclear Regulatory Commission (NRC) has hacked three separate times in the last three years, with at least two of the attacks believed to have been perpetrated by overseas hackers.

According to NextGov, which obtained information about the attacks after filing an open-records request, NRC employees were duped by an phishing email that asked them to verify their login details by taking them to a “cloud-based Google spreadsheet.”

A dozen of the 215 NRC employees targeted fell for the ruse and clicked on the link. Although it’s not known what information staff may have entered on the webpage, the opportunities for login credentials to have been harvested is obvious.

“Based on the mere fact of clicking on the link, NRC cleaned their systems and changed their user profiles,” said commission spokesman David McIntyre.

In a separate incident, hackers targeted commission employees by sending them emails that linked to malware on a Microsoft Skydrive-hosted webpage. One computer is said to have become compromised as a result of the attack.

In both incidents the attacks were investigated, and traced back to an overseas country – although details of which country has not been made public.

Finally, NextGov’s report reveals that the personal email account of an NRC employee was broken into, and used to send out a malicious PDF file to 16 other workers in the employee’s address book. One recipient’s computer became infected by the malware after opening the attachment.

In that incident, it proved impossible to point a finger in any particular direction as to who might have been responsible, or where in the world they might have been based.

Of course, even if a country was named in these reports it doesn’t necessarily mean that an attack is state-sponsored, or has the support of the intelligence or military services of that nation. It could just as equally be “freelance” hackers working on their own, perhaps with their own motivations.

Furthermore, we shouldn’t forget that it is very easy for criminals to hide their tracks online. So, for instance, it isn’t complicated if you are a hacker based in Uganda to compromise a computer in Uruguay to attack a computer network in the United States.

That said, Adam Segal, director of the digital and cyberspace policy program at the Council on Foreign Relations, told NextGov that he suspected a nation would be behind the attacks:

“Clearly, the spearphishing is a technique that we’ve seen the Chinese and the Russians use before. Using the general logic, a nation state is going to be more interested in the NRC than you would imagine common criminals would be.”

Personally, I find the quote that “spearphishing is a technique that we’ve seen the Chinese and Russians use before” pretty rib-tickling. Umm.. isn’t it also the case that we’ve also seen American, British, French, Israeli, Syrian, (I could go on…) hackers use targeted spearphishing emails before too?

After all, it’s hardly a sophisticated technique…

Before you head to the hills, and stock up on cans of baked beans, there’s some thing that should be underlined.

This was the US Nuclear Regulatory Commission which got hacked. It was not an actual nuclear reactor. Safety and control systems used at US nuclear power plants are physically isolated, and aren’t connected to the internet.

The hackers may have been after sensitive information by hacking into the NRC, but there wasn’t any danger of any reactors themselves failing as a direct result.

tags

Industry News

Author

Graham CLULEY

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

Right now Top posts

Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond
Scam How to Tips and Tricks

Start Cyber Resilience and Don’t Be an April Fool This Spring and Beyond

April 01, 2024

2 min read
Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts
Spam Industry News Threats

Spam trends of the week: Cybercrooks phish for QuickBooks, American Express and banking accounts

November 28, 2023

4 min read
Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting
Protecting Your Important How to Tips and Tricks

Protecting your important: Stick to these 8 cybersecurity tips for safe Black Friday and Cyber Monday deal hunting

November 08, 2023

4 min read
3 in 5 travel-themed spam emails are scams, Bitdefender Antispam Lab warns
Industry News Spam

3 in 5 travel-themed spam emails are scams, Bitdefender Antispam Lab warns

August 10, 2023

4 min read

FOLLOW US ON SOCIAL MEDIA

You might also like

The Safety Formula - Episode 10: Human Intuition Meets Advanced Technology
The Safety Formula

The Safety Formula - Episode 10: Human Intuition Meets Advanced Technology
Bitdefender

April 17, 2024

2 min read
Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers
Industry News

Ukraine claims it hacked Russian Ministry of Defence, stole secrets and encryption ciphers
Graham CLULEY

March 06, 2024

2 min read
Crimemarket Taken Down by German Authorities
Industry News

Crimemarket Taken Down by German Authorities
Silviu STAHIE

March 05, 2024

1 min read

Bookmarks

loader