Cyber hackers hit ORNL; thousands potentially affected

Cyber hackers hit ORNL; thousands potentially affected
Cyber hackers hit ORNL; thousands potentially affected 

By Frank Munger 
Knoxville News Sentinel
December 6, 2007

OAK RIDGE - Oak Ridge National Laboratory was the target of a 
sophisticated cyber attack that potentially gave hackers access to the 
personal information of thousands of visitors to the lab from 1990 to 
2004, the laboratory confirmed today.

ORNL Director Thom Mason informed lab staff members of the issue earlier 
this week and said the lab would attempt to notify as many persons as 
possible whose personal information may have been stolen.

Lab spokesman Billy Stair said today about 12,000 letters had been sent 
to potential victims.

Mason outlined the general aspects of the attack, which included a 
number of phishing e-mails sent to staff members, but he concluded the 
note by saying: Because of the sensitive nature of this event, the 
laboratory will be unable for some period to discuss further details 
until we better understand the full nature of this attack.

Phishing is the practice of sending official-looking e-mails to extract 
information from victims who believe them to be from legitimate 
institutions such as banks.

Mason told staffers that the attack appeared to be part of a coordinated 
attempt to gain access to computer networks at numerous laboratories and 
other institutions across the country. He said ORNLs cyber security team 
has been working nights and weekends to try to understand the nature of 
the attack.

A spokesman at Los Alamos National Laboratory, a weapons design 
laboratory in New Mexico, confirmed this afternoon that LANL also was 
attacked by hackers.

Kevin Roark of Los Alamos would not discuss the hacking, except to say 
that it occurred on unclassified systems and was significant and 
sophisticated. He said Los Alamos employees were notified Nov. 4.

The first potential corruption at ORNL occurred Oct. 29, lab officials 

Our review to date has shown that while every security system at ORNL 
was in place and in compliance, the hackers potentially succeeded in 
gaining access to one of the laboratorys non-classified data bases that 
contained personal information of visitors to the laboratory between 
1990 and 2004, Mason said. At this point we have determined that the 
thieves made approximately 1,100 attempt to steal data with a very 
sophisticated strategy that involved sending staff a total of seven 
phishing e-mails, all of which at first glance appeared legitimate.

Investigators believe that 11 staff members opened the attachment, 
enabling hackers to infiltrate the system and remove data, he said.

Reconstructing the event will likely take weeks, if not longer, to 
complete, the ORNL director said.

According to Mason, the personal information potentially vulnerable 
would be names, dates of birth and social security numbers of lab 

Stairs said the visitors would include scientists, university officials, 
industrial and business representatives, as well as members of the news 
media and many others who come to the national laboratory. He said it 
would not include young students who tour the laboratory.

More details as they develop online and in Friday's News Sentinel.


Related blog - Frank Munger's Atomic City Underground: Los Alamos also 

Visit InfoSec News 

Site design & layout copyright © 1986-2014 CodeGods