The organisation in charge of overseeing the management of the UKs radioactive nuclear waste has reported that they were the subject of an attempted cyber attack, and have highlighted that LinkedIn was utilised to facilitate the social engineering aspect of the attack.

The £50 billion Geological Disposal Facility (GDF) project, led by the United Kingdom's Radioactive Waste Management (RWM), aims to establish a substantial underground nuclear waste repository in the country.

RWM, a government-owned entity, facilitated the merger of three nuclear bodies - namely, the GDF project, the Low-Level Waste Repository, and another unnamed waste management entity - to form Nuclear Waste Services (NWS).

Although the full details of the attack or the tactics employed haven’t been released, a statement from Nuclear Waste Services highlights LinkedIn as a key element to the tactics and techniques employed by those responsible.

An NWS spokesperson said:

“NWS has seen, like many other UK businesses, that LinkedIn has been used as a source to identify the people who work within our business. These attempts were detected and denied through our multi-layered defences”.

LinkedIn has long been a repository of useful insights into the people working within organisations that can then be targeted by threat actors. Several campaigns seen in 2023 were reported, highlighting how data from LinkedIn such as job title, department worked in, details of colleagues/line managers were being leveraged by threat actors to aid phishing campaigns.

In early December last year, The Guardian Newspaper also reported that Sellafield had been the subject of cyber attacks from Russian and Chinese state sponsored threat actors, with malware detected within the systems at the site as far back as 2015.

The UK government were quick to respond to these claims with a flat denial of the details being made public by the media outlet.

Organisations should remain vigilant regarding the use of LinkedIn and to think carefully regarding any emails which may be equipped with familiar information that could have been gathered from LinkedIn, even if they appear to be from a trusted source.

Related articles:

• LinkedIn used as phishing bait
• LinkedIn leaks could lead to lock outs
• DarkGate malware flooding LinkedIn and Facebook messages
• The dark web’s evil alternative to LinkedIn
• Hackers launch widespread campaign to hijack LinkedIn accounts

Reporting

Report all Fraud and Cybercrime to Action Fraud by calling 0300 123 2040 or online. Forward suspicious emails to report@phishing.gov.uk. Report SMS scams by forwarding the original message to 7726 (spells SPAM on the keypad).