1 min read

Russian Hackers Targeted Nuclear Research Facilities in the US

Silviu STAHIE

January 09, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Russian Hackers Targeted Nuclear Research Facilities in the US

A Russian hacking group operating under the name of Cold River have targeted three US nuclear facilities in the summer of 2022, according to documents published by Reuters.

Hacking of companies and institutions is not new, but the attacks on nuclear facilities and their workers, just as Russian President Vladimir Putin was escalating his nuclear war rhetoric, may be no mere coincidence.

Many hacking groups end up infamous, attracting media coverage and public scorn by targeting large companies and trying to extort money from them. But some groups, backed by national governments or even operating directly under the guidance of various secret services worldwide, have other agendas, like stealing proprietary information, sabotage and so on. Those people don’t advertise their existence.

According to a Reuters report, Cold River uses a tactic we’ve seen in the past, especially when targeting specific people. They created fake login pages for each targeted institution and emailed employees there, including nuclear scientists, trying to trick them into accessing the fake links and inadvertently sharing their credentials with the attackers.

The three institutions targeted by the hackers are Brookhaven (BNL), Argonne (ANL) and Lawrence Livermore National Laboratories (LLNL). In fact, LLNL was in the news in the past few weeks with advancements made in the field of nuclear fusion.

“Reuters was unable to determine why the labs were targeted or if any attempted intrusion was successful,” the report notes. “A BNL spokesperson declined to comment. LLNL did not respond to a request for comment. An ANL spokesperson referred questions to the U.S. Department of Energy, which declined to comment.”

Despite its anonymous footprint, Cold River was very active in the past few years, and Reuters managed to track it back to an IT worker in Syktyvkar, Russia.

tags


Author


Silviu STAHIE

Silviu is a seasoned writer who followed the technology world for almost two decades, covering topics ranging from software to hardware and everything in between.

View all posts

You might also like

Bookmarks


loader