Former DOE employee tried to sell US nuclear secrets to foreign country

Nuclear-Regulatory-Commission-Logo

‘My country for a Honda Civic.’ That’s how much a former DOE/NRC government employee thought the United States was worth. He walked into a foreign embassy overseas and tried to sell US secrets so he could buy a new Honda Civic. The price to sell out the country is getting lower and lower. He told the FBI that he also considered going to the embassies of China, Iran or Venezuela. This “car loan” of his is going to come with enormous interest — time in jail.

Former U.S. Nuclear Regulatory Commission Employee Charged With Attempted Spear-Phishing Cyber-Attack on Department of Energy Computers

(DOJ) An indictment has been unsealed charging Charles Harvey Eccleston, a former employee of the U.S. Department of Energy and the U.S. Nuclear Regulatory Commission (NRC), in connection with an attempted email “spear-phishing” attack in January 2015, targeting dozens of Department of Energy employee e-mail accounts.

The indictment was announced today by Assistant Attorney General for National Security John P. Carlin, Acting U.S. Attorney Vincent H. Cohen Jr. of the District of Columbia and Assistant Director in Charge Andrew G. McCabe of the FBI’s Washington Field Office.

The indictment was unsealed, along with an earlier-filed complaint and affidavit, following Eccleston’s first appearance this afternoon in the U.S. District Court of the District of Columbia.  The court ordered that he remain detained pending a hearing set for May 20, 2015.

According to the affidavit, the goal of the attack was to cause damage to the computer network of the Department of Energy through a computer virus that Eccleston believed was being delivered to particular department employees through emails, and to extract sensitive, nuclear weapons-related government information that Eccleston believed would be collected by a foreign country.

An email spear-phishing attack involves crafting a convincing email for selected recipients that appears to be from a trusted source and that, when opened, infects the recipient’s computer with a virus.  Attackers may gather personal information about their target to increase their probability of success.

“Combating cyber-based threats to our national assets is one of our highest priorities. As alleged in the indictment, Eccleston sought to compromise, exploit and damage U.S. government computer systems that contained sensitive nuclear weapon-related information with the intent to allow foreign nations to gain access to that material.  We must continue to evolve our efforts and capabilities to confront cyber enabled threats and aggressively detect, disrupt and deter them.  We are grateful for the tireless efforts of law enforcement in this case.”—Assistant Attorney General for National Security John P. Carlin

“This former federal employee is charged with trying to launch a cyber-attack to steal sensitive information from the Department of Energy. Thanks to an innovative operation by the FBI, no malicious code was actually transmitted to government computers.  This prosecution demonstrates federal law enforcement’s vigorous efforts to neutralize cyber threats that put consumers, our economy, and our national security at risk.” —Acting U.S. Attorney Vincent H. Cohen Jr. of the District of Columbia

“Computer intrusions are among the greatest cyber threats to our national security,”.  “Cyber actors have become increasingly adept at exploiting our computer networks in order to exfiltrate our nation’s secrets and valuable research.  As threats to the U.S. government become increasingly complex, the FBI will continue to evolve in order to counter these threats.” —Assistant Director in Charge Andrew G. McCabe of the FBI’s Washington Field Office

Eccleston, 62, a U.S. citizen who had been living in Davos City in the Philippines since 2011, was terminated from his employment at the U.S. Nuclear Regulatory Commission in 2010.  The attack targeted computers at the Department of Energy.

Eccleston was detained by Philippine authorities in Manila on March 27, 2015, and deported to the United States to face U.S. criminal charges.

According to the affidavit, Eccleston initially came to the attention of the FBI after he entered a foreign embassy and offered to provide classified information, which he claimed had been taken from the U.S. government.

Thereafter, Eccleston met with FBI undercover employees who were posing as representatives of the foreign country, and in exchange for a promised future payment, offered to design and send spear-phishing e-mails that could be used to damage the computer systems used by his former employer and to extract sensitive information from them.

The affidavit alleges that Eccleston sent those emails to over 80 Department of Energy computers in January 2015.  The FBI was able to ensure that no computer virus or malicious code was actually transmitted to the government computers.

The indictment charges Eccleston with a total of four felony offenses. These include three counts of crimes involving unauthorized access of computers.

Each of the crimes, as charged, is a felony punishable by a fine or imprisonment for various terms, the longest of which is ten years.   The indictment also charges Eccleston with wire fraud.  Such a violation is a felony punishable by a fine or imprisonment for not more than 20 years, or both.

Eccleston is charged with attempted violations of the statutes because the FBI ensured that no computer virus was actually embedded in the spear-phishing emails.

Charges contained in an indictment are merely accusations, and the defendant is presumed innocent unless and until proven guilty.

The investigation was conducted by the FBI’s Washington Field Office with assistance from the Nuclear Regulatory Commission and Department of Energy.  The prosecution is being handled by Assistant U.S. Attorney Thomas A. Gillice of the District of Columbia.  Trial Attorneys Scott Ferber and Julie A. Edelstein of the Justice Department’s National Security Division assisted in this matter.

The Department of Justice expressed appreciation to the Government of the Philippines for its assistance.

Eccleston Indictment

Additional Information:

Former Energy Department employee indicted in nuclear secrets case (Washington Post)

A former Energy Department employee has been indicted on charges of attempting to infiltrate the agency’s computer system to steal nuclear secrets and sell them to a foreign government, U.S. officials said.

Charles Harvey Eccleston, a former employee at the department and at the independent Nuclear Regulatory Commission (NRC), was arrested after an undercover FBI operation.

The sting was launched after Eccleston offered to provide to a foreign government classified information he that claimed could be obtained from the Energy Department, according to the indictment. . . . (read more)

Would-be seller of US secrets undone by LinkedIn boast (Guardian)

Charles Harvey Eccleston, a fired Department of Energy worker living in the Philippines, tried to sell a list of Nuclear Regulatory Commission (NRC) emails to a foreign government for $18,800 and ended up arrested on 27 March for attempting to send spear-phishing emails to as many as 37 Department of Energy computers, according to a recently unsealed indictment.

Eccleston had married a local woman and wanted money to stay in the Philippines, the arresting agent’s affidavit said, so he walked into the embassy of a country (unnamed in the FBI complaint) and offered the email list, saying he would sell it for about the price of a new Honda Civic. . . (read more)

Former NRC employee indicted after attempting to sell nuclear secrets and launch cyber attack (Enformable)

. . . Eccleston worked at the Department of Energy between 1988 and 2001, had been terminated from his position as a Facilities Security Specialist at the NRC in October 2010 due to performance and conduct issues, and moved to the Phillipines in May 2011. After moving to Davao City in the Philippines, Eccleston married a local woman, and needed money to stay in his new country of residence.

From his actions, it appears that Eccleston was more than disgruntled after his termination by the NRC. In the fall of 2012, Eccleston published an article titled “The Nuclear Regulatory Commission and NEPA Review”, which strongly criticized the NRC and claimed regulators have “failed to adequately evaluate the impact of serious nuclear accidents under the National Environmental Policy Act (NEPA). Eccleston claimed that the NRC policy is geared towards continuing the operation of nuclear power plants in the face of a “growing body of evidence about the risks and hazards facing the country’s aging nuclear fleet.”

In February 2013, Eccleston sent an email to Allison MacFarlane and the other Commissioners of the NRC, in which he claimed to expose the agency’s “deceptive and tainted license renewal process” in a book he published in 2012.

According to a press release from the FBI, it was the desire to collect funds to stay in the Philipines that led Eccleston to walk into a foreign embassy, report that he was a government employee with top-secret security clearance and offer “to provide classified information, which he claimed had been taken from the U.S. government.”

Eccleston first offered a list of over 5,000 email accounts of all officials, engineers, and employees of the NRC in exchange for $18,800, which he claimed was about the cost of a new Honda Civic. He also said that he could obtain accurate engineering blueprints of U.S. nuclear reactors, but didn’t relay an asking price for that information. . . . (read more)

More DICE Posts