Hackers have successfully infiltrated Nuclear Regulatory Commission (NRC) computers twice in the past three years, according to a leaked internal investigation report.
News of the breaches broke via Nextgov, which claims to have learned of the breaches after issuing open records requests to the NRC. At the time of publishing the NRC had not responded to V3‘s request for comment.
The report showed that the NRC was successfully hacked by two foreign attackers during one incident, and a single “unidentifiable individual” during the other.
One of the incidents saw the attacker mount a sophisticated phishing email campaign that targeted roughly 215 NRC employees, designed to steal their account login credentials. More than 12 NRC employees are listed as “taking the bait”.
The campaigns also saw hackers attempt to trick employees into downloading malware hosted in a Microsoft SkyDrive account, via a malicious PDF file attachment.
It is unclear when the attacks occurred or what country the hackers came from. The report contains no information about whether the attacks were state sponsored and mounted by a cyber criminal gang, or launched by lone wolf hackers.
Attacks on critical infrastructure facilities are a growing threat facing governments and business of all sizes. Over the past year researchers have uncovered numerous fresh campaigns targeting power plants.
FireEye discovered a new variant of the Havex malware in July, which included a dangerous open-platform communication (OPC) scanner that could be used to launch cyber attacks against critical infrastructure areas.
Earlier in July the US Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) urged critical infrastructure firms to check their networks for signs of intrusion after another cyber attack tool was uncovered.