by James Pearson and Christopher Bing
LONDON/WASHINGTON (Reuters) – A team of Russian hackers known as “Cold River” targeted three nuclear research labs in the United States last summer, according to records seen by Reuters and five cybercrime experts.
Between August and September, when Vladimir Putin warned that Russia was ready to use nuclear weapons to defend its territory, “Cold River” hackers targeted the Brookhaven National Laboratories, located in New York State, in Argonne, Illinois and Lawrence Livermore, California.
Internet logs show that hackers created fake login pages for each lab and emailed nuclear scientists to get their passwords.
Reuters was unable to determine why these labs were targeted and whether the computer attacks were successful.
A Brookhaven lab spokeswoman declined to comment. Lawrence Livermore’s did not respond to a request for comment. A spokesperson for Argonne’s laboratory referred questions to the US Department of Energy, which declined to comment.
‘Cold River’, which has stepped up its attacks on Kyiv allies since the Russian invasion of Ukraine, first appeared on the radars of intelligence professionals after targeting the UK Foreign Office in 2016.
The group of Russian hackers has been involved in dozens of high-profile hacks in recent years, according to several cybersecurity firms.
(Reporting by James Pearson and Christopher Bing, with contributions from Polina Nikolskaya, Maria Tsvetkova and Anton Zverev; with Zeba Siddiqui in San Francisco and Raphael Satter in Washington; Blandine Hénault for the French version, editing by Bertrand Boucey)