The Russian hacker group Cold River targeted three US nuclear research facilities in a phishing attack that took place between August and September of last year, according to Reuters. The Lawrence Livermore, Argonne, and Brookhaven National Laboratories (LLNL) were all targeted in the attack, in which Cold River fabricated login pages in an effort to trick nuclear experts into disclosing their credentials. It is not known if the attacks were successful, and officials from the US and Russia have not yet commented on the incident.
Previously, the group was believed to be involved in the leak of confidential emails between officials during the Brexit process.
Cold River is known for its involvement in a number of cyberattacks, including an attack on the British Foreign Office in 2016, in which the group stole and exposed emails belonging to the former MI6 director. The group has also targeted NGOs that investigate war crimes, and in May of last year, it created a website featuring the personal emails of ardent Brexit supporters.
The news of the attack on the US nuclear research facilities has raised concerns, as Cold River is known for targeting Kremlin foes. It is not clear why the Lawrence Livermore, Argonne, and Brookhaven laboratories were specifically targeted, and it is possible that the attacks were part of a “hack and leak” scheme. It is also possible that Cold River was simply gathering intelligence, as the group has a reputation for doing.
