A Russian hacking team known as Cold River targeted three nuclear research labs in the United States last summer. This is evident from data that the Reuters news agency and five cybersecurity experts were able to study.
Days after Vladimir Putin indicated that Russia would be willing to use nuclear weapons to defend its territory, Cold River targeted Brookhaven (BNL), Argonne (ANL) and Lawrence Livermore (LLNL) national laboratories. Each of these laboratories are engaged in nuclear research. The hackers created fake login pages for each institute and also emailed scientists to get their passwords.
Reuters presented its findings to five industry experts, who confirmed Cold River’s involvement in the nuclear lab hacking attempts. This was achieved on the basis of shared digital fingerprints that researchers have linked to the group in the past.
Reuters was unable to determine why the labs were targeted or whether an attempted break-in was successful. The three research centers also declined to comment.
Cold River has ramped up its hacking campaign against Kiev’s allies since the invasion of Ukraine, cybersecurity experts and Western government officials know. The digital attack on US laboratories took place when UN experts entered Ukraine to assess the risks at Zaporizhia, home to Europe’s largest nuclear power plant. In that area, shootings took place all the time.
“One of the most important hacker groups”
Cold River, which first appeared on intelligence agencies’ radar after attacking the British Foreign Office in 2016, has been involved in dozens of other high-profile hacking incidents in recent years. “This is one of the most important hacker groups you’ve never heard of,” Adam Meyers, of US cybersecurity company CrowdStrike, told The Guardian newspaper. “They are involved in direct support of Kremlin information operations.”
Russia’s Federal Security Service (FSB), which also runs espionage campaigns for Moscow, and the Russian embassy in Washington did not respond to emailed requests for comment from Reuters. Western officials say the Russian government is a world leader in hacking and uses cyber espionage to spy on foreign governments and industries to gain a competitive advantage. However, Moscow has consistently denied that it carries out hacking operations.
Free unlimited access to Showbytes? Which can!
Log in or create an account and don’t miss a thing of the stars.