Malware, Phishing, Vulnerability Management

Nuclear Regulatory Commission’s computers hacked three times in three years

Nuclear Regulatory Commission (NRC) computers were hacked twice by foreigners and once by an unidentifiable individual in the last three years, according to a recently obtained inspector general report.

The commission, which handles licensing, inspection and enforcement of nuclear requirements, might have had documents and inner-system workings exposed in the attacks, according to Nextgov, who obtained the report via an open-records request.

In one phishing scheme, more than 200 employees received an email asking them to verify their accounts through a provided link. The dozen people who fell for the ploy were then redirected to a Google spreadsheet where they could enter their details. A later investigation pointed to an unnamed foreign culprit.

Another incident involved a spear phishing campaign that linked to malicious software. Similarly in that case, an investigation led to an unnamed foreign attacker.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.