Between 2010 and 2014, the US Department of Energy (DoE) was attacked by unknown parties 159 times, as USA Today is reporting based on edited documents obtained through the Freedom of Information Act.
The documents (embedded below) show information submitted by federal officials and third-party contractors, and do not reveal any in-depth details about the source or what kind of information was stolen.
The data was collected by the Energy Department’s Joint Cybersecurity Coordination Center, and only shows the date of the attack, the office where it took place, the incident’s current status, and what kind of attack it was (malicious code, compromised user/root accounts, denial of service, Web defacement, unauthorized use).
1,131 incidents in 4 years
From October 2010 and up to October 2014, the US Department of Energy recorded 1,131 attacks on its infrastructure, from which 159 were successful.
The Department of Energy is a sought-after target mainly because it centralizes information about the US’s power system, power consumption, power infrastructure, but also were a lot of research is carried out as well.
Additionally, the DoE also has multiple responsibilities in setting the country’s energy policies, which makes the department very attractive to cyber-espionage groups.
Inside the US Department of Energy is also the National Nuclear Security Administration, a self-governed agency with lots of ties to the US military, responsible for managing the country’s nuclear weapons inventory.
According to the documents, 19 successful attacks were recorded on the agency’s IT infrastructure during the aforementioned period.
State-sponsored cyber-espionage groups are probably the main culprits
Most of the attacks, 90 out of the total of 159, were aimed at the DoE’s Office of Science, were the most up-to-date scientific research in nuclear and energy power experiments is stored.
Additionally, 53 out of the 159 attacks were root compromises, which require high-level exploit kits and advanced knowledge of many cyber-security and IT topics.
This only comes to reinforce the general thought that most of these attacks are carried out by state-backed cyber-espionage groups.