Officials from the University of Toyama’s Hydrogen Isotope Research Center have told reporters that the researchers and professors at the university have been under attack from hackers since November 2015, with the last recorded attack in June of this year.
The university officials were telling Japanese media and they mentioned that the hacker had managed to steal data files related to the personal details of the scientists and also some research data in all times he hacked the university. Several researchers received spear phishing emails to some of the several researchers and scientists who were working at the nuclear research laboratory.
After investigating the details of the hacking incidents, investigators traced back the first hacking attempt to November 25, 2015. A malware strain was used to compromise a researcher’s computer and after affecting the computer, it managed to get information from the worker’s workstation and the online server he was connected to.
The malware, according to what officials say, first started taking data from the University’s network in December of 2015 too. Over 1,000 archived files were created by the attackers from the stolen data which was then sent to the online server which they controlled. The archived files created were encrypted, and because of this for investigators it becomes difficult to know what kind of information was stolen.
Another series of files was also taken after the first one, and they managed to compress the files and archive them before they again sent it to their servers. The second attempt is said to have happened in March of 2016. Since the files were not encrypted, the investigators said that they noticed that the hackers had gotten information which related to the removal of contaminated water at the Fukushima nuclear power plant.
On their third attempt, one external party noticed and they immediately notified the University. Investigations after the discovery showed that the researchers were tricked by someone who disguised themselves as a Tokyo university student and would go on to ask them questions. The questions were then sent with a document which was laced with malware.
In total, 59,000 files are said to have been stolen, according to the investigation. They also noted that the malware was programmed to search for the term IAEA, the UN International Atomic Energy Agency.
The University of Toyama’s Hydrogen Isotope Research Center is one of the world leaders in tritium research. Tritium is a radioactive isotope of hydrogen, also known as hydrogen-3. It is used in hydrogen bombs and controlled nuclear fusion.