The Obama administration’s Department of Labor (DOL) website was used to launch a cyber-attack, infecting visitors logging on to official DOL web pages on nuclear energy.
DOL’s “nuclear-related” web pages sent out a “Watering Hole” attack in April 2013. In a “Watering Hole” attack, the bad guys target a specific group of people and set malware traps on web pages that the group is likely to visit. So when visitors went on DOL’s nuclear pages, they received malware from the rogue Internet domain “dol.nso1.us.”
The attack was confirmed only by a 2013 post by Craig Williams, a security executive at Cisco Systems, to a Cisco company website.
Why would somebody want to give malware, which can include programs to track victimized computers, to people visiting federal government websites on nuclear energy? The DOL would not say.
DOL did not return a request for comment for this report, despite assuring The Daily Caller that an explanation would be provided by Thursday morning.
DOL has top nuclear experts in its programs related to nuclear weapons and energy workers. North Korea, meanwhile, spent April in the dead of the “2013 Korean Crisis,” which included North Korean nuclear tests and nuclear proliferation.
More importantly: who did it? That question, like so much on the Internet, is designed to never be answered.
The malicious domain “dol.nso1.us,” which sent out the malware from DOL’s website, is owned by the company changeip.org.
Type in “changeip.org” on your home browser and you get to changeip.com, a company that sells cheap domain names.
A call to changeip.com’s Miami, Florida office was greeted by an automated message. An email to one of several anonymous staff email accounts was not returned.