Hackers managed to gain access to the US Nuclear Regulatory Commission three times, according to a Nextgov report.
The hackers on two occasions were foreigners and the last was an unknown person or group. The US Nuclear Regulatory Commission governs America’s nuclear power providers. Ironically making sure that they are secure.
Apparently an investigation into the source of the third hack was scuppered because logs of the incident had been destroyed.
Intruders used basic hacking techniques to get at the NRC’s computers. One attack linked to a foreign country or individual involved phishing emails that coerced NRC employees into submitting their login credentials. The second one linked to a foreign government or individual used spearphishing, or emails targeted at specific NRC employees, to convince them to click a link that led to a malware site hosted on Microsoft’s cloud storage site SkyDrive, now called OneDrive.
The third attack involved breaking into the personal account of a NRC employee. After sending a malicious PDF attachment to 16 other NRC employees, one person was infected with malware.
NRC spokesman David McIntyre insisted that the NRC computer security team “detects and thwarts” most hacking attempts.