The New York Times is reporting that they obtained a copy of a report from US-CERT that attacks eminating from Chinese IP addresses successfully targeted employees of Oak Ridge National Laboratory in Tennessee. In addition to research in energy, nanotechnology and “isotope production”, Oak Ridge
provides federal, state and local government agencies and departments with technology and expertise to support national and homeland security needs. This technology and expertise is also shared with industry to enhance America’s economic competitiveness in world markets.
According to Wikipedia.
The attacks took the form of up to seven carefully crafted emails sent to internal addresses that induced employees to open attachments or click on links that installed Trojans that could steal information. Sound familiar? Remember the Israeli Trojan fiasco using Michael Haephrati’s crimeware?
I would expect by this time that all US research facilities would be protected from malicious downloads and should certainly not allow the transfer of information from a user’s machine to an untrusted site. I guess there is a large gap between my expectations and reality.
