Nextgov has reported that Nuclear Regulatory Commission (NRC) computers were successfully hacked twice ‘by foreigners’ in the last three years as well as by ‘an unidentifiable individual’ in a separate attack.
In one incident, a phishing email was sent to 215 NRC employees, asking them to ‘verify their user accounts by clicking a link and logging in’. Needless to say, the link did not take the 12 employees who took the bait to a legitimate site, but to a ‘cloud-based Google spreadsheet’ instead. It is not known how many of them then entered their login details; the NRC sensibly changed their user profiles anyway.
In another incident, specific employees were targeted by spear phishing emails that linked to malware. The emails’ country of origin is not named.
In a third, hackers accessed a personal email account belonging to an NRC staff member, and used it to send malware to 16 other NRC staff members, one of whom was infected by the malicious attachment.
NRC spokesman David McIntyre said, “The NRC’s computer security office detects and thwarts the vast majority of such attempts, through a strong firewall and reporting by NRC employees. The few attempts documented in the OIG cyber crimes unit report as gaining some access to NRC networks were detected and appropriate measures were taken.”
The White House’s Framework for Improving Critical Infrastructure Cybersecurity was released in February 2014. At this stage it looks as though it might need stronger guidance on staff awareness.