Phishing

Nuclear Regulatory Commission’s computers hacked three times in three years

August 19, 2014

Nuclear Regulatory Commission (NRC) computers were hacked twice by foreigners and once by an unidentifiable individual in the last three years, according to a recently obtained inspector general report.

The commission, which handles licensing, inspection and enforcement of nuclear requirements, might have had documents and inner-system workings exposed in the attacks, according to Nextgov, who obtained the report via an open-records request.

In one phishing scheme, more than 200 employees received an email asking them to verify their accounts through a provided link. The dozen people who fell for the ploy were then redirected to a Google spreadsheet where they could enter their details. A later investigation pointed to an unnamed foreign culprit.

Another incident involved a spear phishing campaign that linked to malicious software. Similarly in that case, an investigation led to an unnamed foreign attacker.


prestitial ad