Phishing emails used to hack US Nuclear Regulator

The United States Nuclear Regulatory Commission, regulator of the nation's use of nuclear materials and commercial power plants, was compromised three times in as many years, according to a report from Nextgov. Two of the hacks are said to have resulted from someone(s) abroad, while the third responsible party has not yet been identified.

There were three cases, and perhaps the largest of them involved more than 200 Commission employees being sent phishing emails asking for account verification details. Employees were provided with a link leading to a Google spreadsheet. Of the emails that went out, 12 workers are said to have clicked the link. The hackers — or, at least, attempted hackers — were tracked to somewhere overseas by the IG Cyber Crime Unit.

The second hacking attempt also originated from overseas, and, again, the country of origin was not specified. In this effort, workers were sent a spear phishing email that connected to a SkyDrive account. In this case, only one worker fell for the scam.

In the third case, a worker's personal email was hacked and used to fire off malware to 16 other workers in the contact list. There was a PDF attached to the email, which then used a JavaScript vulnerability to infect the recipient. One recipient was said to have opened the attachment. In this case, the hacker could not be identified.

The reasons for the hacks aren't known, but are suspected to be an effort to harvest details about the nation's nuclear infrastructure — another suggestion is that the NRC might not be a specific target, but instead swept up by chance in a more general attack by an individual hacker rather than a foreign nation's government.

SOURCE: Nextgov