A former Department of Energy employee has pleaded guilty to federal charges that he attempted to infect 80 current DOE employees with malware so foreign hackers could take control of computer systems that held sensitive information related to nuclear weapons, officials said Wednesday.

Charles Harvey Eccleston, 62, pleaded guilty to one count of attempted unauthorized access and intentional damage to a protected computer, according to a statement issued by officials with the US Department of Justice. The statement said the man, who previously worked for both the DOE and the US Nuclear Regulatory Commission, plotted to compromise federal computer networks by sending current employees highly targeted e-mails that he believed contained links to malware that would give hackers remote access. Such campaigns are often referred to as spear phishing because they target a specific individual, often referring to them by name and referencing specific interests of job duties.

Prosecutors said the plot came to their attention in 2013 after Eccleston entered an unnamed foreign embassy in Manila, Philippines and offered to sell a list of more than 5,000 e-mail addresses of officials, engineers, and employees of a US government agency. Undercover FBI agents posing as embassy employees then worked to build a criminal case against the former employee, who prosecutors said was terminated from his employment at the Nuclear Regulatory Commission in 2010. To make the e-mail more convincing, it posed as an advertisement for a conference related to nuclear energy. According to the press release:

Over the next several months, Eccleston corresponded regularly by e-mail with the undercover employees. A follow-up meeting with a second undercover employee took place on June 24, 2014, in which Eccleston was paid $2,000 to cover travel-related expenses. During this meeting, Eccleston discussed having a list of 30,000 e-mail accounts of DOE employees. He offered to design and send spear-phishing e-mails that could be used in a cyber-attack to damage the computer systems used by his former employer. Over the next several months, the defendant identified specific conferences related to nuclear energy to use as a lure for the cyber-attack, then drafted e-mails advertising the conference. The e-mails were designed to induce the recipients to click on a link which the defendant believed contained a computer virus that would allow the foreign government to infiltrate or damage the computers of the recipients. The defendant identified several dozen DOE employees whom he claimed had access to information related to nuclear weapons or nuclear materials as targets for the attack. On Jan. 15, 2015, Eccleston sent the e-mails he drafted to the targets he had identified. The e-mail contained the link supplied by the FBI undercover employee which Eccleston believed contained a computer virus, but was, in fact, inert. Altogether, the defendant sent the e-mail he believed to be infected to approximately 80 DOE employees located at various facilities throughout the country, including laboratories associated with nuclear materials. Eccleston was detained after a meeting with the FBI undercover employee, during which Eccleston believed he would be paid approximately $80,000 for sending the e-mails.

Under terms of the plea agreement, prosecutors will recommend the man receive a prison term of 24 to 30 months and a fine of $95,000. Federal statutes provide a maximum sentence of 10 years in prison and potential financial penalties. Eccleston is scheduled to be sentenced on April 18.