Hackers Target Developer of Britain’s Underground Nuclear Facility
The British corporation Radioactive Waste Management (RWM), responsible for handling the nation’s radioactive waste, faced an attempted cyberattack through the professional networking platform LinkedIn. Although unsuccessful, this attempt has stirred concerns in the nuclear industry, raising questions about the security of vital nuclear infrastructure.
The Guardian reports that the cyberattack was orchestrated via LinkedIn. However, it remains unclear whether this was a phishing message or an attempt to deceive employees into installing malicious software.
LinkedIn is often utilized for phishing attacks targeting employees of specific companies. Last year, ESET researchers reported a cyberespionage campaign by the North Korea-supported hacker group Lazarus, targeting employees of a Spanish aerospace firm.
RWM is spearheading a £50 billion project to construct a geological repository for the disposal of radioactive waste. Under the banner of Nuclear Waste Services (NWS), RWM amalgamated three nuclear organizations, whose collaborative efforts are crucial for the project’s expedited completion.
An NWS spokesperson stated: “NWS has seen, like many other UK businesses, that LinkedIn has been used as a source to identify the people who work within our business. These attempts were detected and denied through our multi-layered defences.”
Experts warn that social platforms like LinkedIn are increasingly becoming preferred arenas for hackers, offering numerous infiltration pathways, including creating fake accounts, phishing messages, and direct credential theft.
FBI Special Agent Sean Regan previously highlighted the “significant threat” of LinkedIn being used by fraudsters to lure users into malicious cryptocurrency investment schemes.
LinkedIn representatives are also taking steps to warn users about potential fraud and provide resources for enhancing online security. Nevertheless, the potential for compromise through this channel remains a pressing concern for many critical industries worldwide.
NWS acknowledges the need for ongoing refinement of cybersecurity measures, emphasizing that emergency response plans must evolve to meet the business’s changing needs.