A former federal employee attempted to hack the U.S. Department of Energy, to extract information on the U.S. nuclear arsenal, and to furnish that information to a foreign government, according to the Justice Department.
Charges unsealed on Friday allege that Charles Harvey Eccleston, a former official at the DOE and the Nuclear Regulatory Commission, targeted "dozens" of DOE employees with a sophisticated hacking scheme designed to damage the department’s computer networks and to extract sensitive information.
According to the DOJ, Eccleston approached a foreign government’s American embassy and offered to sell the government classified information on the U.S. nuclear weapons program.
Agents from the Federal Bureau of Investigation subsequently organized a sting operation. They posed as agents of a foreign government and "in exchange for a promised future payment, offered to design and send spear-phishing e-mails that could be used to damage the computer systems used by his former employer and to extract sensitive information from them," according to a DOJ press release.
The complaint does not say which government Eccleston approached, or which one the FBI agents claimed to represent. The Washington Post reported on Friday that the FBI alleges he attempted to sell the information to Russia and Venezuela, "but was not granted access to officials of these countries."
As part of its sting operation, the FBI provided dummy software that Eccleston believed contained a sophisticated "spear-phishing" virus. He sent the "virus," which DOJ says was completely innocuous, to more than 80 DOE employees.
"Eccleston sought to compromise, exploit and damage U.S. government computer systems that contained sensitive nuclear weapon-related information with the intent to allow foreign nations to gain access to that material," assistant attorney general for national security John Carlin said in a statement.
Eccleston is charged with three counts of unauthorized access to a computer and one count of wire fraud. All four are felony charges.
The FBI reiterated its commitment to cyber security following the announcement of charges.
"Cyber actors have become increasingly adept at exploiting our computer networks in order to exfiltrate our nation’s secrets and valuable research," Andrew McCabe, the DC office’s assistant director in charge, said in a statement.
"As threats to the U.S. government become increasingly complex, the FBI will continue to evolve in order to counter these threats."