Washington, DC - A former employee of the US Nuclear Regulatory Commission (NRC) was sentenced to 18 months for attempting a spear-phishing attack against Department of Energy computers that contained information on nuclear weapons, the Department of Justice announced in statement.
“[Charles Harvey] Eccleston's sentence holds him accountable for his attempt to compromise, exploit and damage US government computer systems that contained sensitive nuclear weapon-related information,” Assistant US Attorney General for National Security John Carlin said on Monday.
Carlin added that Eccleston attempted the breach with the intent of “allowing foreign nations to gain access to that information or to damage essential systems.”
A spear-phishing attack is a method of infecting a target computer by sending an email purporting to be from a trusted source that, when opened, infects the recipient's computer with a virus.
In 2015, Eccleston was arrested by undercover Federal Bureau of Investigation (FBI) agents with whom he had been communicating, believing them to be representatives from a foreign government.
Eccleston had offered to sell the agents information in 2013 that a foreign government could use to insert a virus into NRC computers, allowing them to shut down the NRC's servers or obtain nuclear information.
A year later, Eccleston also offered to carry out a spear-phishing attack against some 30 000 computers belonging to Energy Department employees in exchange for money.
Eccleston pleaded guilty in February to one count of unauthorized access and intentional damage to a protected computer.
US attorneys said Eccleston was acting out of spite in retaliation for being terminated from his job at the NRC in 2010.