Cyberattacks on Energy's National Labs Draw Lawmaker Scrutiny

In the wake of a series of cyberattacks aimed at three national laboratories that are helmed by the U.S. Department of Energy, House lawmakers are requesting access to relevant documentation about the hacking incidents to investigate their scope and the agency’s current cybersecurity posture. 

The attacks were carried out by hacking group known as Cold River, which the lawmakers note has been “implicated” in operations to benefit the Russian government. The hacking tactics employed by Cold River consisted of creating false login pages for the three targeted laboratories and sending them to associated scientists, who were then prompted for password information. 

Outlined in a letter sent to Energy Secretary Jennifer Granholm, leadership from the House Committee on Oversight and Accountability and the Committee on Science, Space and Technology cited three separate cyberattacks between August and September 2022 as targeting information related to U.S. national security and scientific competitiveness. The attacks reportedly occurred at the Brookhaven National Laboratory, the Argonne National Laboratory and the Lawrence Livermore National Laboratory.

“Although it is unclear whether the attempted intrusions were successful, it is alarming that a hostile foreign adversary targeted government labs working on scientific research critical to the national security and competitiveness of the United States,” the letter reads. “The Committees request documents and information related to these incidents to determine the impact of the attempted intrusions, and evaluate what DOE is doing to ensure the continued security of sensitive scientific research and development at its national laboratories.”

Lawmakers are seeking details on communications from each laboratory regarding the hacking attempts between July 2022 and the present day. This includes communication between contractors and subcontractors supporting Energy regarding the hacks, as well as other federal agencies. 

Energy officials intend to cooperate with House lawmakers’ requests, and an agency spokesperson reiterated to Nextgov that the agency is looking at its cyber defenses seriously. 

“As part of our ongoing review, DOE has not found evidence of information being compromised. DOE will continue to work with our federal partners to respond to and investigate any potential threats and breaches, ensuring the scientific research conducted across America’s national laboratories remains safe and secure,” the spokesperson said. 

The cyberattacks are set against a backdrop of geopolitical conflict between Russia and the U.S.—along with other countries included in the bilateral North Atlantic Treaty Organization—resulting from the ongoing war between Russia and Ukraine. 

Some of the federally subsidized research laboratories that were subject to these cyberattacks have also achieved groundbreaking scientific feats in recent months. The Lawrence Livermore Laboratory, based in California, made global news with its energy generation using fusion ignition technology. Fellow laboratories Brookhaven and Argonne also conduct critical research in nuclear and particle physics as well as engineering research, respectively.