The Russian hacker group known as Cold River is said to be targeting three US nuclear research laboratories in 2022.
This incident was reported by Reuters after reading the incident report. The attacks took place between August and September, shortly after Russian President Vladimir Putin said he could use nuclear weapons to protect his territory.
The nuclear labs targeted by Cold River are Brookhaven (BNL), Argonne (ANL), and Lawrence Livermore National Laboratories (LLNL). This is known because the hacker created a fake login page at each of these institutions, and sent emails to a number of nuclear scientists in an attempt to steal their passwords.
It is not known whether the hacking was successful or not, and the four laboratories refused to issue a statement about the veracity of the hack, we were quoted as saying by Reuters, Monday (9/1/2023).
The name Cold River rose to prominence after launching a number of attacks on several Ukrainian alliance countries, which they did after Russia invaded Ukraine. And the attack on the laboratory came shortly after UN nuclear experts visited Russian-controlled Ukraine to inspect the world's largest nuclear power plant in the area.
Cold River first came on the radar as a dangerous hacker group after hacking into the offices of a UK government agency in 2016. Since then they have also been involved in dozens of major hacking incidents.
"This is one of the most important hacker groups that you have never heard of. They are directly involved with providing information to the Kremlin," said Adam Meyers, senior vice president of CrowdStrike, a US-based cybersecurity firm.
One of the major actions taken by Cold River was hacking and leaking emails belonging to Richard Dearlove, former boss of MI6, the British intelligence agency. This is only one of the many 'hack and leak' actions carried out by Russian hackers against a number of European countries.