Nuclear Regulatory Commission Computers Hacked

Nuclear Regulatory Commission Computers Hacked

  • By Ginger Hill
  • Aug 19, 2014

An internal investigation has discovered that for the past three years, Nuclear Regulatory Commission (NRC) computers have been successfully hacked, twice by foreigners and once by an unidentifiable individual.Nuclear Regulatory Commission Computers Hacked

Incident #1 – Phishing emails were sent to about 215 NRC employees, baiting personnel to verify their user accounts by clicking on an embedded link and logging in. The link took victims, about 12 total, to a cloud-based Google spreadsheet.

NRC was able to track the originator of the spreadsheet to a foreign country; however, the nation was not identified publicly.

Incident #2 – Spearphishing emails were sent to NRC employees with a URL embedded into the email, connected to a cloud-based Microsoft Skydrive storage site that housed malware.

Again, NRC was able to track the sender of the emails to a foreign country that is remaining nameless at this time.

Incident #3 – The personal email account of an NRC employee was hacked and sent malware to other personnel from the employee’s contact list. There was a PDF attachment within the email that contained a JavaScript security vulnerability.

Investigators subpoenaed an Internet Service Provider for records, but apparently the provider did not have log records for the date of the incident, rendering it was impossible to identify the sender without the logs.

Because NRC oversees the U.S. nuclear power industry, it maintains records of oversea aggressors, including databases detailing the locations and condition of nuclear reactors, and relies on plants that handle weapon-grade materials to submit information detailing their inventories.

According to commission spokesman David McIntyre, NRC is always concerned about potential computer intruders, so much so, that every NRC employee must complete annual cyber training that teaches about phishing, spearphishing and other ways hackers can infiltrate agency systems.

About the Author

Ginger Hill is Group Social Media Manager.

Featured

  • Security Today Announces 2025 CyberSecured Award Winners

    Security Today is pleased to announce the 2025 CyberSecured Awards winners. Sixteen companies are being recognized this year for their network products and other cybersecurity initiatives that secure our world today. Read Now

  • Empowering and Securing a Mobile Workforce

    What happens when technology lets you work anywhere – but exposes you to security threats everywhere? This is the reality of modern work. No longer tethered to desks, work happens everywhere – in the office, from home, on the road, and in countless locations in between. Read Now

  • TSA Introduces New $45 Fee Option for Travelers Without REAL ID Starting February 1

    The Transportation Security Administration (TSA) announced today that it will refer all passengers who do not present an acceptable form of ID and still want to fly an option to pay a $45 fee to use a modernized alternative identity verification system, TSA Confirm.ID, to establish identity at security checkpoints beginning on February 1, 2026. Read Now

  • The Evolution of IP Camera Intelligence

    As the 30th anniversary of the IP camera approaches in 2026, it is worth reflecting on how far we have come. The first network camera, launched in 1996, delivered one frame every 17 seconds—not impressive by today’s standards, but groundbreaking at the time. It did something that no analog system could: transmit video over a standard IP network. Read Now

  • From Surveillance to Intelligence

    Years ago, it would have been significantly more expensive to run an analytic like that — requiring a custom-built solution with burdensome infrastructure demands — but modern edge devices have made it accessible to everyone. It also saves time, which is a critical factor if a missing child is involved. Video compression technology has played a critical role as well. Over the years, significant advancements have been made in video coding standards — including H.263, MPEG formats, and H.264—alongside compression optimization technologies developed by IP video manufacturers to improve efficiency without sacrificing quality. The open-source AV1 codec developed by the Alliance for Open Media—a consortium including Google, Netflix, Microsoft, Amazon and others — is already the preferred decoder for cloud-based applications, and is quickly becoming the standard for video compression of all types. Read Now

Most   Popular

New Products

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • Unified VMS

    AxxonSoft introduces version 2.0 of the Axxon One VMS. The new release features integrations with various physical security systems, making Axxon One a unified VMS. Other enhancements include new AI video analytics and intelligent search functions, hardened cybersecurity, usability and performance improvements, and expanded cloud capabilities