The US ‘National Nuclear Security Administration’ Is Among the Hacked Agencies

Last updated June 23, 2021
Written by: Bill Toulas, Infosec Writer

The U.S. National Nuclear Security Administration confirmed that hackers have accessed its networks and engaged in cyber-espionage. This has happened in the context of the “Sunburst” attacks that have affected a large number of federal agencies and several organizations in the country. Now that the indicators of compromise are known, and the main backdoor communications domain has been seized, IT teams can figure out if they have an infection or not, and researchers can pinpoint breached networks.

The hack on this critical part of the Energy Department (DoE) is a blow to American pride and also to the outgoing Cybersecurity and Infrastructure Security Agency (CISA). The National Nuclear Security Administration (NNSA) is the federal agency responsible for safeguarding national security through the military application of nuclear science. With an annual budget of $16.5 billion, it manages the nuclear weapon stockpile, develops nuclear propulsion systems for the Navy, and is responsible for the enhancement of the security and safety of all nuclear plants in the country.

The agency is now sending breach notifications to the affected entities and people, and has informed CISA as required. The latter responded by saying that they’re already overwhelmed, as their resources are all over the place, allocated to investigating the various points of Sunburst infection that were discovered previously.

Representatives of the DoE stated that they don’t know if the hackers managed to access anything yet. The malware infection was likely isolated to business networks only, not affecting the department’s mission-critical components.

However, this statement doesn’t have much value at this point, as the investigation is ongoing and could reveal a lot of trouble as it progresses. This is in line with the recent joint statement by the FBI, CISA, and ODNI, which states that damage was done, but nobody can estimate the magnitude just yet.

Netenrich’s CSO Brandon Hoffman told us:

This is really just the beginning. As soon as we think it can’t get any worse, more evidence will be found. The government needs to really step up and prepare for the fallout of all this data loss. Claiming we don’t know will not satisfy the public about the state of national security. There needs to be some level of transparency about what was taken and how we plan to respond based on all the potential ways this data can be used.


