Date: 2023-01-09

Brookhaven National Laboratory officials were mum on Monday following a report that the Upton facility had been among three U.S. national labs targeted by Russian hackers last summer.

It remains unclear whether the hackers were able to steal any information or whether their so-called phishing attempts were in any way successful.

“We don’t comment on security matters,” said Peter Genzer, a BNL spokesman, declining to say whether any information was accessed. He referred calls to the U.S. Department of Energy, which didn’t respond to messages seeking comment.

Reuters in a report last week said a Russian hacking team known as Cold River targeted BNL, Argonne National Laboratory in Illinois and Lawrence Livermore National Laboratory in California in an effort that included the creation of fake login pages to steal passwords. The news agency wasn’t able to say whether the efforts were successful.

Cold River has reportedly increased hacking activity against allies of the Ukrainian government following a United Nations tour last year of a nuclear plant in Russian-controlled Ukrainian territory to review risks of a potential radiation disaster as war raged around the plant. Cold River was previously associated with numerous attacks, including stealing and leaking emails of the former head of the British spy agency, MI6, according to the Guardian.

Cybersecurity firm CrowdStrike told Reuters Cold River is “involved directly” in supporting information efforts of Russian government operations, though Russia has denied involvement in hacking campaigns.

Cold River tactics include tricking people into entering usernames and passwords on fake websites to gain access to their computer systems, security researchers told Reuters. To do this, Cold River has used a variety of email accounts to register domain names such as "goo-link.online" and "online365-office.com", which at a glance look similar to legitimate services operated by firms such as Google and Microsoft, the security researchers said.

The reported attempted hack at BNL comes as Suffolk County continues to grapple with an unrelated ransomware attack that crippled county online operations starting on Sept. 8, when attackers began encrypting and locking up files. They demanded a $2.5 million ransom that Suffolk refused to pay. Many online government services remain offline four months after the hack, including at the Department of Health Services, which Suffolk in late December acknowledged had seen its files encrypted.