Posted
By CotoBlogzz
Charles
Harvey Eccleston, 62, a former employee of the U.S. Department of Energy (DOE)
and the U.S. Nuclear Regulatory Commission (NRC), was sentenced today to 18
months in prison on a federal charge stemming from an attempted e-mail
“spear-phishing” attack in January 2015 that targeted dozens of DOE employee
e-mail accounts, according to announcement by Assistant Attorney General for
National Security John P. Carlin, U.S. Attorney Channing D. Phillips of the
District of Columbia and Assistant Director in Charge Paul M. Abbate of the
FBI’s Washington Field Office.
Eccleston
pleaded guilty on Feb. 2, 2016, in the U.S. District Court for the District of
Columbia, to one count of attempted unauthorized access and intentional damage
to a protected computer. In his guilty plea, Eccleston admitted scheming
to cause damage to the computer network of the DOE through e-mails that he
believed would deliver a computer virus to particular employees. An
e-mail spear-phishing attack involves crafting a convincing e-mail for selected
recipients that appears to be from a trusted source and that, when opened,
infects the recipient’s computer with a virus.
In
addition to the prison time, U.S. District Judge Randolph D. Moss ordered
Eccleston to forfeit $9,000, an amount equal to the sum the FBI provided to
Eccleston during the course of the undercover investigation.
Eccleston,
a U.S. citizen who had been living in Davao City in the Philippines since 2011,
was terminated from his employment at the NRC in 2010. He was detained by
Philippine authorities in Manila, Philippines, on March 27, 2015, and deported
to the United States to face U.S. criminal charges. He has been in
custody ever since.
According
to court documents, Eccleston initially came to the attention of the FBI in
2013 after he entered a foreign embassy in Manila and offered to sell a list of
over 5,000 e-mail accounts of all officials, engineers and employees of a U.S.
government energy agency. He said that he was able to retrieve this
information because he was an employee of a U.S. government agency, held a top
secret security clearance and had access to the agency’s network. He
asked for $18,800 for the accounts, stating they were “top secret.” When
asked what he would do if that foreign country was not interested in obtaining
the U.S. government information the defendant was offering, the defendant
stated he would offer the information to China, Iran or Venezuela, as he
believed these countries would be interested in the information.
Thereafter,
Eccleston met and corresponded with FBI undercover employees who were posing as
representatives of the foreign country. During a meeting on Nov. 7, 2013,
he showed one of the undercover employees a list of approximately 5,000 e-mail
addresses that he said belonged to NRC employees. He offered to sell the
information for $23,000 and said it could be used to insert a virus onto NRC
computers, which could allow the foreign country access to agency information
or could be used to otherwise shut down the NRC’s servers. The undercover
employee agreed to purchase a thumb drive containing approximately 1,200 e-mail
addresses of NRC employees; an analysis later determined that these e-mail
addresses were publicly available. The undercover employee provided
Eccleston with $5,000 in exchange for the e-mail addresses and an additional
$2,000 for travel expenses.
Over
the next several months, Eccleston corresponded regularly by e-mail with the
undercover employees. A follow-up meeting with a second undercover
employee took place on June 24, 2014, in which Eccleston was paid $2,000 to
cover travel-related expenses. During this meeting, Eccleston discussed
having a list of 30,000 e-mail accounts of DOE employees. He offered to
design and send spear-phishing e-mails that could be used in a cyber-attack to
damage the computer systems used by his former employer.
Over
the next several months, the defendant identified specific conferences related
to nuclear energy to use as a lure for the cyber-attack, then drafted emails
advertising the conference. The emails were designed to induce the
recipients to click on a link which the defendant believed contained a computer
virus that would allow the foreign government to infiltrate or damage the
computers of the recipients. The defendant identified several dozen DOE
employees whom he claimed had access to information related to nuclear weapons
or nuclear materials as targets for the attack.
On Jan.
15, 2015, Eccleston sent the e-mails he drafted to the targets he had
identified. The e-mail contained the link supplied by the FBI undercover
employee which Eccleston believed contained a computer virus, but was, in fact,
inert. Altogether, the defendant sent the e-mail he believed to be
infected to approximately 80 DOE employees located at various facilities
throughout the country, including laboratories associated with nuclear
materials.
Eccleston
was detained after a meeting with the FBI undercover employee, during which
Eccleston believed he would be paid approximately $80,000 for sending the
e-mails.
The
investigation was conducted by the FBI’s Washington Field Office with
assistance from the NRC and DOE.
No comments:
Post a Comment