US Department of Energy, the agency overseeing the US power grid, nuclear arsenal, and national science labs, has been successfully compromised over 150 times between October 2010 and October 2014:
USA Today reports that 53 of the successful attacks were root compromises, meaning the attackers had administrator privileges on compromised DOE computer systems.
Of the 159 successful intrusions, 90 compromised the DOE Office of Science, which conducts energy research, and another 19 attacks compromised the National Nuclear Security Administration – the agency in charge of securing the nation’s stockpile of nuclear weapons.
The DOE disclosed a breach in July 2013 that compromised personal records of 104,000 past and current federal workers, contractors and their dependents.
But the DOE isn’t saying what data or systems may have been compromised in the other 158 breaches – that information has been redacted from the records.
A DOE spokesperson told USA Today that the agency can’t comment on investigations into the compromises or who might have been behind them.
But it’s quite possible that other nation states could be the culprits, as the US’s top cybersecurity official alluded to in a speech in Washington, DC this week.