The Russian cybercriminal group Cold River has launched phishing attacks against three US nuclear research laboratories, according to Reuters news agency. The information has been verified by five cybersecurity experts.
The intrusion attempts are believed to have taken place in August and September 2022. This is around the time that Russian President Vladimir Putin announced that he could use nuclear weapons if Russia was attacked.
The three sites targeted were:
- Brookhaven National Laboratory in Long Island, which specialises in nuclear and particle physics;
- Argonne National Laboratory, west of Chicago, which specialises in nuclear energy;
- Lawrence Livermore National Laboratory in California, which specialises in the development of nuclear weapons.
The cybercriminals are thought to have created fake login pages imitating those of the targeted laboratories. They then sent phishing emails to employees, instructing them to log in via these fake pages.
None of the laboratories have commented on this information nor on whether any of these attempts were successful.