Russian hackers targeted 3 US nuclear research labs: report - DW (English)

A team of Russian hackers known as Cold River targeted three prominent US nuclear research laboratories last summer, Reuters reported Friday.

The findings are supported by the findings of five cybersecurity experts.

Reuters reported that the Argonne, Brookhaven and Lawrence Livermore National Laboratories were targeted by the group.

Internet records reveal the hackers' attempts to create fake login pages for the three laboratories. The group then emailed nuclear scientists in an effort to trick them into revealing their passwords.

It is unclear why the labs were targeted or if any of the attempts were successful.

Spokespersons for Brookhaven and Lawrence Livermore National Laboratories declined to comment to Reuters. A spokesperson for the Argonne National Laboratory referred questions to the US Department of Energy, which in turn declined to comment as well.

What is the Cold River hacking group?

Cold River has stepped up its hacking campaigns against Western allies of Ukraine following Russia's invasion on February 24 of last year.

The effort against US nuclear research laboratories occurred as UN experts entered Russian-held Ukrainian territories to inspect the Russian-occupied Zaporizhzhia nuclear plant. The UN was on site to assess what fallout there could be from an accident resulting from nearby shelling.

The group first appeared on the radar of intelligence officials in 2016 when it targeted Britain's Foreign Office. In recent years, Cold River has been involved in several high-profile hacking incidents, nine cybersecurity firms told Reuters.

Reuters was able to link emails used by the group from 2015 to 2020 to an IT professional and bodybuilder, Andrey Korinets, based in Syktyvkar, about 1,300 kilometers (800 miles) northeast of Moscow.

In an interview with Reuters, Korinets said he was responsible for the emails but disavowed any knowledge of the Cold River hacking group.

A security engineer on Google's Threat Analysis Group, Billy Leonard, said Google had identified Korinets as being involved in Cold River.

The senior vice president of intelligence at US cybersecurity firm CrowdStrike, Adam Meyer, told Reuters, "This is one of the most important hacking groups you've never heard of."

Meyer added, "They are involved in directly supporting Kremlin information operations."

Russia's Federal Security Service (FSB) did not respond to Reuters' request for comment. The FSB is a domestic intelligence body that also carries out foreign hacking operations.

The Russian embassy in Washington also did not answer a request for comment. Nor did the US National Security Agency (NSA) or the British Foreign Office.

What else is Cold River responsible for?

In May of last year, Cold River hacked and began leaking the emails of Sir Richard Dearlove, the former head of the UK's MI6, the country's foreign intelligence agency.

It was one of several hack and dump incidents in the UK, Latvia and Poland, according to officials in Eastern Europe and cybersecurity experts, Reuters reported.

Cold River has also targeted three European NGOs that are investigating war crimes, Reuters reported, citing French cybersecurity firm SEKOIA.IO.

While Reuters said it could not confirm that the NGOs were targeted, the French firm said Cold River's hacking campaign sought to assist "Russian intelligence collection about identified war crime-related evidence and/or international justice procedures."

ar/aw (Reuters)
