Page Loader
Russian hackers target 3 US nuclear labs in phishing attack
Hackers tried to get passwords from scientists working in the targeted laboratories

Russian hackers target 3 US nuclear labs in phishing attack

Jan 09, 2023
02:04 pm

What's the story

Cold River, a Russian hacking group, targeted three nuclear research laboratories in the US in an attempt to obtain the passwords, as per Reuters. The attempted attack happened between August and September last year, around the time UN experts visited the Zaporizhzhia nuclear power plant in Ukraine amid heavy shelling in the area. US and Russian officials are yet to comment on the attack.

Context

Why does this story matter?

Any sentence with the two words "nuclear" and "attack" is enough to make heads turn. Add the word "hack" to the equation and we have a deadly trio at hand. Therefore, it is no wonder that the news of Russian hackers targeting US nuclear research labs has created a sense of worry.

Cyberattack

Brookhaven, Argonne, and Lawrence Livermore National Laboratories were the targets

Cold River is known for taking on Kremlin's enemies. This time, the targets were Brookhaven (BNL), Argonne (ANL), and Lawrence Livermore National Laboratories (LLNL). The group carried out a phishing attack by creating fake login pages for each institution and emailing nuclear scientists to make them reveal their passwords. It is unclear whether the attacks were successful or not.

Reason

Why were the specific labs targeted? 

Now that information about the attacks has been revealed, the question everyone is asking is: "Why Brookhaven, Argonne, and Lawrence Livermore?" Unsurprisingly, no one has been able to pinpoint the motive behind the attacks. Considering Cold River's penchant for intelligence collection, that could be the reason behind the blitz. It could have also been a 'hack and leak' operation.

The hackers

Cold River leaked former MI6 chief's emails

Cold River first appeared on the intelligence radar after it targeted the British foreign office in 2016. Since then, it has been involved in several high-profile cyberattacks. Last May, the group hacked and leaked emails belonging to the former head of MI6. It created a website containing private emails of hardline Brexit campaigners. It has also targeted three NGOs investigating war crimes.