| Recurring |
one_organization, multiple_organization |
(a) The software failure incident having happened again at one_organization:
The Nuclear Regulatory Commission (NRC) has been targeted by overseas hackers multiple times in the past three years, with incidents involving phishing emails and malware attacks [29613]. These incidents highlight the ongoing cybersecurity challenges faced by the NRC, indicating a recurring issue within the organization.
(b) The software failure incident having happened again at multiple_organization:
The articles mention that overseas cyberattacks have been a growing concern, with other organizations like U.S. Investigation Services (USIS) also being targeted in attacks possibly launched by foreign powers [29613]. This indicates that similar incidents of cyber intrusions and data breaches have occurred at multiple organizations, emphasizing the widespread nature of such security threats. |
| Phase (Design/Operation) |
design, operation |
(a) The software failure incident related to the design phase can be seen in the hacking incidents targeting the Nuclear Regulatory Commission (NRC). The incidents involved sophisticated phishing attacks where hackers sent emails with malicious links or attachments to NRC employees, leading to compromised systems. For example, in one incident, hackers sent emails with a link to a cloud-based Google spreadsheet for logon-credential harvesting, resulting in some employees clicking the link and potentially exposing sensitive information [29613].
(b) The software failure incident related to the operation phase is evident in the actions of NRC employees who fell victim to the phishing attacks. For instance, in one incident, an NRC employee opened an infected PDF attachment sent via personal email, causing their computer to become infected and subsequently replaced [29613]. This highlights the impact of human error or misuse in the operation of the system, leading to system compromise and failure. |
| Boundary (Internal/External) |
within_system, outside_system |
(a) within_system: The software failure incident at the Nuclear Regulatory Commission (NRC) was primarily due to contributing factors that originated from within the system. The incidents involved hackers successfully infiltrating the NRC's systems through tactics like spearphishing emails containing malicious software, compromised personal email accounts of NRC employees, and logon-credential harvesting attempts [29613]. These internal vulnerabilities within the NRC's systems allowed the hackers to gain unauthorized access and potentially compromise sensitive information.
(b) outside_system: Additionally, the software failure incident at the NRC also had contributing factors that originated from outside the system. The attacks were conducted by foreigners, with some incidents traced back to unnamed foreign countries [29613]. The external nature of these attacks highlights the threat posed by overseas hackers targeting organizations like the NRC, emphasizing the importance of robust cybersecurity measures to defend against external threats. |
| Nature (Human/Non-human) |
non-human_actions, human_actions |
(a) The software failure incident occurring due to non-human actions:
The software failure incident at the Nuclear Regulatory Commission was primarily due to overseas hackers conducting cyberattacks on the organization's systems. These attacks included phishing attempts through emails containing malicious links and attachments, leading to the compromise of NRC employees' accounts and systems [29613].
(b) The software failure incident occurring due to human actions:
In response to the cyberattacks, NRC spokesman David McIntyre mentioned that the Commission took measures such as cleaning their systems, changing user profiles, and providing mandatory annual training on computer security to employees. Additionally, the incident involving an NRC employee opening an infected PDF attachment highlights the role of human actions in contributing to the software failure incident [29613]. |
| Dimension (Hardware/Software) |
software |
(a) The software failure incident related to hardware:
- The article does not mention any specific software failure incident related to hardware issues.
(b) The software failure incident related to software:
- The software failure incident in this case was due to overseas hackers successfully infiltrating the Nuclear Regulatory Commission's computers on multiple occasions. The hackers used tactics like spearphishing emails linked to malicious software and sending malware through infected PDF attachments [29613]. |
| Objective (Malicious/Non-malicious) |
malicious |
(a) The software failure incident reported in the articles is malicious in nature. The incident involved overseas hackers successfully infiltrating the Nuclear Regulatory Commission's computers on multiple occasions. The hackers conducted activities such as logon-credential harvesting attempts through phishing emails, sending malware-infected attachments, and using malicious software linked to cloud-based storage sites to compromise NRC employees' systems [29613]. These actions were intentional and aimed at gaining unauthorized access to sensitive information, indicating a malicious objective behind the software failure incident. |
| Intent (Poor/Accidental Decisions) |
poor_decisions, accidental_decisions |
(a) The intent of the software failure incident related to poor_decisions:
- The software failure incident involving the U.S. Nuclear Regulatory Commission being hacked multiple times by overseas hackers can be attributed to poor decisions made by employees who fell victim to phishing attempts ([29613]).
- Employees at the NRC clicked on links in emails that led to cloud-based storage sites containing malware, and one employee even opened an infected PDF attachment, leading to their computer being infected ([29613]).
(b) The intent of the software failure incident related to accidental_decisions:
- The software failure incident involving the NRC being targeted by overseas hackers also involved accidental decisions made by employees who unknowingly clicked on malicious links or opened infected attachments in emails ([29613]).
- These accidental decisions led to the compromise of NRC systems and the potential exposure of sensitive information to foreign entities ([29613]). |
| Capability (Incompetence/Accidental) |
development_incompetence, unknown |
(a) The software failure incident related to development incompetence is evident in the article as the Nuclear Regulatory Commission (NRC) fell victim to overseas hackers multiple times. The hackers successfully conducted attacks through methods like spearphishing emails linked to malicious software and sending malware-infected attachments to NRC employees [29613].
(b) The software failure incident related to accidental factors is not explicitly mentioned in the provided article. |
| Duration |
permanent |
(a) The software failure incident in the article is more of a permanent nature. The incidents of overseas hackers successfully breaching the Nuclear Regulatory Commission's computers on multiple occasions over the past three years indicate a persistent vulnerability in the system [29613]. The fact that the hackers were able to conduct phishing attacks, compromise employee accounts, and send malware to NRC employees demonstrates a sustained risk to the organization's cybersecurity. The need for continuous training and updating of security measures highlights the ongoing threat posed by such cyber intrusions. |
| Behaviour |
omission, value, other |
(a) crash: The software failure incident in the article does not specifically mention a crash where the system loses state and does not perform any of its intended functions [29613].
(b) omission: The incident involves instances of omission where the system omits to perform its intended functions. For example, in one incident, hackers sent emails to NRC employees in a logon-credential harvesting attempt, leading to some employees clicking on a link and providing their user accounts' information [29613].
(c) timing: The incident does not involve timing-related failures where the system performs its intended functions but too late or too early [29613].
(d) value: The software failure incident includes failures related to the system performing its intended functions incorrectly. For instance, employees were tricked into providing their user account information to hackers, leading to potential compromise of sensitive data [29613].
(e) byzantine: The incident does not exhibit byzantine failures where the system behaves erroneously with inconsistent responses and interactions [29613].
(f) other: The other behavior observed in this software failure incident is related to security vulnerabilities exploited by hackers to gain unauthorized access to the NRC's systems and sensitive information. This behavior involves malicious activities such as phishing, spearphishing, and sending malware-infected attachments to NRC employees [29613]. |