Former Fed Admits Attempted Cyberattack on Nuclear Scientists
A former federal nuclear scientist pleaded guilty Tuesday to one count of attempted unauthorized access and intentional damage to a protected computer when he attempted to infect the computers of almost a hundred federal employees who had access to nuclear materials and weapons.
Charles Harvey Eccleston, 62, a former employee of the U.S. Department of Energy (DOE) and the U.S. Nuclear Regulatory Commission (NRC), admitted scheming to cause damage to the computer network of the DOE through e-mails that he believed would deliver a computer virus to particular employees, according to a statement from the Department of Justice.
After he was fired from his federal position, Eccleston moved to Manila, Phillipines. While visiting the Manila embassy in an unidentified foreign country, Eccleston offered to sell a list of thousands of “top secret” federal employees’ email addresses to foreign officials for $18,800.
The foreign officials told Eccleston they were interested, but secretly told the FBI of his ploy.
Eccleston also shared his plan with a foreign spy who was actually an undercover FBI agent: He would create a website for a fake conference, and send out a link to his list of NRC employees. Once they clicked on the link, they’d download a virus to their computers, which would allow the foreign country to monitor the U.S. employees’ computer use.
Eccleston worked on this plan with undercover FBI agents over the next few months, ultimately sending out the first 80 emails in January of 2015. Eccleston was told he would be paid $80,000 for sending out this email with what he believed to be a malicious link, but was in fact harmless. Eccleston was immediately arrested by Philippine police and deported to the U.S.
He signed a plea deal on Tuesday, confirming that the evidence the FBI gathered is accurate, and he now faces up to 30 months in prison, plus up to $95,000 in fines. (He was originally charged with four felonies.)