Computers at the US Nuclear Regulatory Commission (NRC) have been hacked three times in the last three years. Two of the attacks are believed to have originated in foreign countries, while the source of the third remains unknown. The first attack used a regular phishing email to trick staff into handing over their login credentials. The second attack was more targeted and saw the attackers use spear phishing to take victims to an embedded URL that hosted malware in a Microsoft SkyDrive account. The third attack targeted an NRC employees personal email account, leading to malware-ridden emails being sent to 16.”]

