Hackers may have gained access to US nuclear regulator
The need for effective, reliable cybersecurity among federal agencies has never been greater. Departments now generate and collect a huge volume of sensitive information, all of which may be targeted by external hackers. Furthermore, the growing reliance on computer systems creates more potential opportunities for malicious cyberattackers to damage U.S. operations.
The importance of this issue was thrown into stark relief by a recent report from NextGov. The source revealed that over the past three years, the U.S. Nuclear Regulatory Commission was infiltrated on three separate occasions. These incidents suggest that this department, and the federal government as a whole, may need to revamp its approach to to cybersecurity.
The source explained that one of the successful breaches was the result of a phishing scam. More than 200 employees at the Nuclear Regulatory Commission received emails asking them to click on a link and enter login information to verify their accounts. Twelve personnel fell victim to this trick. This action took them to a Google spreadsheet, but it is unknown how many employees provided any information.
The source noted that the IG Cyber Crime Unit determined that the individual who created the spreadsheet was based in a foreign nation, but declined to identify the specific country.
NextGov reported that one of the remaining two cyberattacks also revolved around spear phishing. As in the above case, this attempt relied upon a link to malicious software, and successfully tricked at least one NRC employee. This attack also originated in a foreign country.
The third cyberattack was a straightforward hacking effort. Cybercriminals gained access to an NRC worker's personal email account, then used that account to distribute malware to an additional 16 NRC employees. Investigators were unable to determine who committed this attack, as the Internet service provider did not possess any of the relevant log records.
David McIntyre, a spokesman for the NRC, emphasized that the organization's computer security office catches almost all of the cyberattackers targeting the commission's systems, and responds quickly to those attacks that prove successful, the source reported.
Despite these efforts, though, the fact remains that cyberattackers were able to gain some degree of access to NRC computer systems via their hacking and spear phishing efforts. This can have serious consequences for national security, as Richard Bejtlich, chief security strategist for a cybersecurity firm, told the news source.
"An organization like the NRC would be a target for nation states seeking information on vulnerabilities in critical infrastructure," he said, NextGov reported.
Adam Segal, director of the digital and cyberspace policy program at the Council on Foreign Relations, told the news source that while the nations responsible for these attacks were not identified, Russia and China were both likely culprits. Agents from these countries have been known to utilize spear phishing techniques, Segal explained.
However, Shawn Henry, a former leading FBI cybersecurity official, argued that the cyberattackers may not have been working for a foreign government. Instead, they could be independent, aiming to steal sensitive U.S. info to sell on the black market.
Regardless of who was responsible for the breaches, these incidents demonstrate the need for new cybersecurity efforts on the part of the NRC, as well as any other federal organization responsible for sensitive information. The spear phishing incidents highlight the importance of cybersecurity training for employees, as these events are easily avoidable when workers understand the risks involved.
The email account breach, though, speaks more to the need for higher quality cybersecurity tools and resources. As hackers' tools and strategies become more sophisticated, a similar upgrade is necessary for government agencies.