Ex-DOE worker charged with trying to steal, sell nuclear data

A former employee of the Nuclear Regulatory Commission (NRC) is facing up to 50 years in prison for allegedly attempting to use a spear-phishing campaign to harvest sensitive nuclear weapons information from government computers.

Charles Harvey Eccleston, 62, planned to sell the information to an undisclosed foreign government, according to charges unsealed Friday by the Justice Department.

{mosads}His plans were thwarted by an FBI sting operation, and he now faces four felony charges, authorities say, including wire fraud.

“Combating cyber-based threats to our national assets is one of our highest priorities,” Assistant Attorney General for National Security John P. Carlin said in a statement.

“We must continue to evolve our efforts and capabilities to confront cyber enabled threats and aggressively detect, disrupt and deter them.”

If true, the charges against Eccleston point to an unusual case that combines both an insider cyber threat and the risks associated with targeted malware campaigns against the government.

His tool of choice — spear-phishing — involves disguising a malicious email to look safe to its recipient, who inadvertently infects his or her computer with malware by clicking on a dangerous link or file attachment.

Eccleston was fired from his job at the NRC in 2010, and moved to Davos City in the Philippines the following year. The reasons for his termination are unclear.

According to an affidavit, Eccleston came to the attention of law enforcement when he entered a foreign embassy and offered to provide the country with classified U.S. government information.

The FBI responded by launching a sting operation in which Eccleston met with undercover agents posing as officials from the foreign country.

He offered to design and send emails that would extract information from government computers, and went on to send them to 80 Department of Energy machines in January 2015, the affidavit said. The FBI ensured that no malicious code was actually sent to government machines. 

Eccleston was detained by Philippine authorities on March 27, and underwent his first court appearance on Friday at the U.S. District Court of the District of Columbia.

“Computer intrusions are among the greatest cyber threats to our national security,” said assistant director in charge Andrew G. McCabe of the FBI’s Washington field office.

“Cyber actors have become increasingly adept at exploiting our computer networks in order to exfiltrate our nation’s secrets and valuable research. As threats to the U.S. government become increasingly complex, the FBI will continue to evolve in order to counter these threats.”

Eccleston will remain detained until a hearing scheduled for May 20, according to the Justice Department.