Dept of Energy labs hacked by phishers

This is pretty scary: Two major military and nuclear weapons labs have been breached by hackers: the Oak Ridge National Laboratory and Los Alamos National Lab, PCWorld says.

Oak Ridge suffered a "sophisticated cyber attack," a spokesperson said, in which hackers accessed the SSNs and DOBs of visitors to the lab between 1990 and 2004. Who drops into Oak Ridge for a friendly visit? 3,000 scientists a year -- "a who's who of the science establishment in the U.S.," says PCW.

ORNL director, Thom Mason, described the attacks in an email to staff earlier this week as being a "coordinated attempt to gain access to computer networks at numerous laboratories and other institutions across the country."

"Because of the sensitive nature of this event, the laboratory will be unable for some period to discuss further details until we better understand the full nature of this attack," he added.

The attack on Los Alamos seems to be linked to the one on Oak Ridge. Not much is being said about that attack, although "given that a Los Alamos spokesman said that staff had been notified of an attack on Nov. 9 - days after the earliest attack wave on the ORNL - the assumption has to be that something untoward happened there as well, and probably at other science labs across the U.S."

So who's behind the attacks? Maybe just the usual phishing fraudsters, but there's also a possibility it was conducted by a rival government. Fingers have been pointed at China before and they are again. ABC News reported:

Authorities told ABC News that the attackers may be located in China. Security experts of late have been pointing the finger at China as the main source of many cyberattacks and cyber-espionage, but Chinese officials deny it.

Talkback

7 comments
  • Very scary

    "This is pretty scary: Two major military and nuclear weapons labs have been breached by hackers"

    Why are they connected to the public Internet in the first place? Shouldn't computers in these labs and installations be connected on a separate network nobody else can get on except the military?
    intuitivek3
    • Think about it

      It sounds like a great idea, but consider that there are normal people working there. And chances are they would want to check their email or perform some other non-government-related activity at some point during the day. So short of connecting all of the various webmail services or whatever to said network, there's no good way around it. And if I understand the attack correctly, it didn't breach the servers directly but rather used users' (secretaries, administrative staff, etc.) computers as a gateway to access the servers. And chances are the servers themselves are on some type of military network separate from the rest of the world, with the exception of the computers that have access to it as part of the user's job.
      jflash_z
      • Separated networks for sensitive tasks

        I work for the government of my country, and we handle a lot of money via electronic transfers. We need a separated network for our work and another for the rest of the tasks; this is a need in this type of work, where a breach may cause very big damage.

        It's expensive and not very user friendly (switch PCs just to send mail beyond our official network), but hey! This is a LOT of people's money.
        maalmike
  • Hey Researchers....

    It ain't rocket science, ya know....don't open attachments! ;-)
    MGP2
  • I would hope...

    ...that the computers with the important stuff are not their very own self-contained network with no connection, direct or indirect, to the Internet. If not, somebody needs to lose his job.
    John L. Ries
    • Omit the "not"

      Must not have been paying attention.
      John L. Ries
    • Not the issue

      This appears not to be the issue. Once they compromise the system, they are able to get to other networks not connected to the Internet directly. At least, that is one security researcher's understanding of such situations in general. From a story I wrote today -- http://www.toptechnews.com/story.xhtml?story_id=022002OSVMDG --

      "This isn't the first time that a U.S. lab has been an attack target, nor is it the first time that private information left the building walls," (Andrew) Storms (of nCircle) said. "While there are rules and guidelines for handling sensitive data, exactly what the public might deem classified takes on a different definition inside the workings at Los Alamos for example."
      rkoman9