The U.S. government charged Charles Harvey Eccleston, a former employee of the Department of Energy (DoE) and the U.S. Nuclear Regulatory Commission (NRC), with four felony charges connected with an attempted email “spear-phishing” attack in January 2015 targeting Department of Energy employee email accounts, the Department of Justice said on May 8.
According to an earlier-filed affidavit, the attack was intended to cause damage to the computer network of the Department of Energy via a computer virus Eccleston believed was being delivered to department employees through email. This method intended to extract sensitive, nuclear weapons-related government information that Eccleston allegedly believed would be collected by a foreign country.
Spear-phishing attacks entail creating a convincing email for recipients that appears to be from a trusted source, but when opened, infect a computer with a virus. Attackers often collect personal information about the target to increase the chance of success.
Three of the charges involve unauthorized access of computers, punishable by a fine or imprisonment for different terms with the longest being 10 years. The fourth charge is wire fraud, punishable by a fine or imprisonment for up to 20 years.
The court ordered Eccleston be detained pending a hearing set for May 20.
“Combating cyber-based threats to our national assets is one of our highest priorities. As alleged in the indictment, Eccleston sought to compromise, exploit and damage U.S. government computer systems that contained sensitive nuclear weapon-related information with the intent to allow foreign nations to gain access to that material. We must continue to evolve our efforts and capabilities to confront cyber enabled threats and aggressively detect, disrupt and deter them,” Assistant Attorney General Carlin, said in a statement.
Eccleston was terminated from his NRC job in 2010 and has been living in Davos City, Philippines since 2011. He was detained by Philippine authorities in Manila on March 27, then deported to the United States to face criminal charges.
The FBI said Eccleston came to their attention after he entered a foreign embassy and offered to provide them with classified information he said was taken from the U.S. government. Later, Eccleston met with undercover FBI employees posing as representatives of that country. In exchange for future payment, Eccleston allegedly offered to design and send spear-phishing emails that could damage the computer systems used by the DoE and to extract sensitive information from them, the FBI said.
The affidavit alleges Eccleston sent the emails to over 80 DoE computers in January 2015. The FBI said it ensured no viruses or malicious code was transmitted to government computers.
The investigation was conducted by the FBI’s Washington field office with assistance from the Nuclear Regulatory Commission and Department of Energy.
“This former federal employee is charged with trying to launch a cyber-attack to steal sensitive information from the Department of Energy. Thanks to an innovative operation by the FBI, no malicious code was actually transmitted to government computers. This prosecution demonstrates federal law enforcement’s vigorous efforts to neutralize cyber threats that put consumers, our economy, and our national security at risk,” said Vincent H. Cohen Jr., Acting U.S. Attorney of the District of Columbia.
“Computer intrusions are among the greatest cyber threats to our national security. Cyber actors have become increasingly adept at exploiting our computer networks in order to exfiltrate our nation’s secrets and valuable research. As threats to the U.S. government become increasingly complex, the FBI will continue to evolve in order to counter these threats,” Andrew McCabe, Assistant Director in Charge of the FBI’s Washington, D.C. field office, added.