The Justice Department said one of the Russian officers performed online reconnaissance and stole log-in credentials of Westinghouse workers, including staff that work at its advanced nuclear reactor development and new reactor technology units.
Westinghouse, which is located outside of Pittsburgh, provides fuel, services and plant design to customers, including Ukraine.
Three of the seven Russian military officers indicted on Thursday were charged in a separate case brought by Special Counsel Robert Mueller’s office for their role in hacking activities designed to influence the 2016 presidential election.
John Demers, the head of the Justice Department’s National Security Division, said while the defendants overlap, the case brought on Thursday did not involve Mueller’s office.
The hackers also sought to delegitimize international anti-doping organizations and expose officials who revealed a Russian state-sponsored athlete doping program, according to the indictment.
The charges of conspiracy to commit computer fraud and abuse and to commit wire fraud and money laundering came hours after Dutch authorities said they had disrupted an attempt by Russian intelligence agents to hack into the Hague-based Organization for the Prohibition of Chemical Weapons in April.
Britain and the Netherlands have accused Russia of running a global campaign of cyberattacks to undermine democracies.
In the indictment, prosecutors alleged that one of the Russian officers, Ivan Sergeyevich Yermakov, performed “technical reconnaissance” of the company as early as Nov. 20, 2014, and got access to IP addresses, domains and network ports. The hackers also researched Westinghouse to learn about the company’s employees and their backgrounds in nuclear energy research.
In December, the Justice Department said, Yermakov and his co-conspirators registered a fake domain and website designed to mimic the company’s website and sent phishing emails to at least five employees. Once people clicked on the spoofed domain and provided their log-ins, they were rerouted to the original network.
On other occasions, according to the indictment, the conspirators also sent spearphishing emails to the personal emails of employees at Westinghouse. Two account users clicked on the malicious links.
The indictment does not clearly explain why Westinghouse was targeted or whether the hackers succeeded, and Justice Department officials declined to comment beyond the indictment.
Westinghouse did not immediately respond to a request for comment.
(Reporting by Lisa Lambert, Sarah N. Lynch and Chris Bing; Writing by Chris Sanders; Editing by Jeffrey Benkoe)