A former employee of the U.S. Department of Energy and U.S. Nuclear Regulatory Commission was busted in an FBI sting for allegedly attempting to set off a “spear fishing” cyber-attack to extract nuclear information from the agency for personal gain.
According to the indictment filed at the U.S. District Court for the District of Columbia on April 23 and unsealed Friday, Charles Harvey Eccleston, 62, hatched a scheme in April 2013 to unleash a virus through dozens of DOE email accounts. As a result, he allegedly believed the damage done to protected computers would allow foreign government access to “sensitive and confidential information from the DOE computers.”
Eccleston, who was reportedly fired from the NRC in 2010, met and communicated with someone he thought was a representative of a foreign government, in hopes of being paid for his role in causing the damage and obtaining the access to the U.S. documents, according to the government. However, the person he met with was actually an FBI agent.
It was unclear where the meetings took place.
Under the alleged plan, Eccleston would supply the email addresses and a ruse to convince his former colleagues to open a "poison" email, and the foreign government would ostensibly supply the link with a malicious code. If successful, the plot would have caused damage to ten or more protected computers over a one-year period, according to the indictment.
The scheme is otherwise known as a “spear-phishing attack” – or compelling someone to open an email that appears to be from a trusted source, but when opened unleashes a virus on the recipient’s computer.
The FBI agent patiently collected numerous email addresses from Eccleston and communiques about the alleged plot. Then he gave Eccleston a phony virus. Eccleston attempted to pull the trigger on January 1, 2015, by sending emails to some 80 addresses, according to the charges. He was detained by authorities on March 27 in the Philippines, where he had been living since 2011, and deported back to the U.S. to face the criminal charges. The FBI said no computers were harmed.
He faces charges of attempted unauthorized access and intentional damage to a protected computer, unauthorized access to a protected computer to obtain information, attempted access to a protected computer to defraud and obtain value, and wire fraud. All are felonies and Eccleston will remain in custody until a May 20 hearing.
“This former federal employee is charged with trying to launch a cyber-attack to steal sensitive information from the Department of Energy,” said Acting U.S. Attorney Vincent H. Cohen Jr. “Thanks to an innovative operation by the FBI, no malicious code was actually transmitted to government computers. This prosecution demonstrates federal law enforcement’s vigorous efforts to neutralize cyber threats that put consumers, our economy, and our national security at risk.”