Saturday, December 8th 2007

Hackers Launch Major Attack on US Military Labs

Hackers have succeeded in breaking into the computer systems of two of the U.S.' most important science labs, the Oak Ridge National Laboratory (ORNL) in Tennessee and Los Alamos National Laboratory in New Mexico. In what a spokesperson for the Oak Ridge facility described as a "sophisticated cyber attack," it appears that intruders accessed a database of visitors to the Tennessee lab between 1990 and 2004, which included their social security numbers and dates of birth. Three thousand researchers reportedly visit the lab each year, a who's who of the science establishment in the U.S.

The attack was described as being conducted through several waves of phishing emails with malicious attachments, starting on Oct. 29. Although not stated, these would presumably have launched Trojans if opened, designed to bypass security systems from within, which raises the likelihood that the attacks were targeted specifically at the lab.

ORNL director, Thom Mason, described the attacks in an email to staff earlier this week as being a "coordinated attempt to gain access to computer networks at numerous laboratories and other institutions across the country."

"Because of the sensitive nature of this event, the laboratory will be unable for some period to discuss further details until we better understand the full nature of this attack," he added.

The ORNL has set up a web page giving an official statement on the attacks, with advice to employees and visitors that they should inform credit agencies so as to minimize the possibility of identity theft.

Less is known about the attacks said to have been launched against the ORNL's sister-institution at Los Alamos, but the two are said to be linked. It has not been confirmed that the latter facility was penetrated successfully, though given that a Los Alamos spokesman said that staff had been notified of an attack on Nov. 9 - days after the earliest attack wave on the ORNL - the assumption has to be that something untoward happened there as well, and probably at other science labs across the U.S.

The ORNL is a multipurpose science lab, a site of technological expertise used in homeland security and military research, and also the site of one of the world's fastest supercomputers. Los Alamos operates a similar multi-disciplinary approach, but specializes in nuclear weapons research, one of only two such sites doing such top-secret work in the U.S.

Los Alamos has a checkered security history, having suffered a sequence of embarrassing breaches in recent years. In August of this year, it was revealed that the lab had released sensitive nuclear research data by email, while in 2006 a drug dealer was allegedly found with a USB stick containing data on nuclear weapons tests.

"This appears to be a new low, even drug dealers can get classified information out of Los Alamos," Danielle Brian, executive director of the Project On Government Oversight (POGO), said at the time. Two years earlier, the lab was accused of having lost hard disks

The possibility that the latest attacks were the work of fraudsters will be seen by some as optimistic - less positive would be the possibility of a rival government having been involved. Given the apparently coordinated nature of events, speculation will inevitably point to this scenario, with the data theft a cover motivation for more serious incursions.

Source: PC World

21 Comments on Hackers Launch Major Attack on US Military Labs

#1
kwchang007
Ouch, not good news for these labs.
#2
CrAsHnBuRnXp
Reminds me of the movie Live Free or Die Hard.
#3
kwchang007
by: CrAsHnBuRnXp
Reminds me of the movie Live Free or Die Hard.
Yeah, good movie there.
#4
Woah Mama!
by: CrAsHnBuRnXp
Reminds me of the movie Live Free or Die Hard.
Reminds me of Transformers.

See, they are out there

:wtf:
#5
FatForester
Crap! I was gonna work at ORNL next summer...
#6
magibeg
It's good to know US research is finding its way into the right hands (drug dealers).
#7
CrAsHnBuRnXp
by: kwchang007
Yeah, good movie there.
One of my fav's.

Love Bruce Willis movies. Kick ass actor right there.
#8
panchoman
Sold my stars!
wonder what's gonna be next
#10
hat
Maximum Overclocker
Oh dead god... nuclear weapons research...
#11
kwchang007
by: CrAsHnBuRnXp
One of my fav's.

Love Bruce Willis movies. Kick ass actor right there.
Yeah. Now everyone prepare for the firesale and get 5 generators
#12
ex_reven
by: hat
Oh dead god... nuclear weapons research...
pfft.
Nuclear arsenals are sooooo 1960's maaan.

:p
#13
newconroer
by: kwchang007
Ouch, not good news for these labs.
Not good news for the hackers either. They'll find them, and then it's butt-seks time!
#14
kwchang007
by: newconroer
Not good news for the hackers either. They'll find them, and then it's butt-seks time!
That's the hope. But I doubt they can find all of them.
#16
mandelore
oh noes... now common thugs will be popping outa thin air in their newly stolen nano-suits :(
#17
Ben Clarke
WTF? Why do the thieves get nano-suits? I'm much more deserving of one.
#18
Rambotnic
by: mandelore
oh noes... now common thugs will be popping outa thin air in their newly stolen nano-suits
:roll:
..."MAXIMUM HIGH" :D
#19
ghost101
Not quite that severe of a breach.

by: dailytech


Two labs of America's top scientists have fallen for the oldest trick in the hackers' book

DailyTech featured a blog yesterday on how the media frequently reports on so-called "hacks" with little understanding of what happened, participating in an irresponsible brand of journalism that borders on alarmism. The problem is exacerbated in that people really do fall victim to Internet scams, even rather smart ones, which reporters dubiously dub "hacks."

One such report featured on ABC News concluded that two nuclear labs had been "hacked." The true story is a bit more entertaining and reveals that there is no threat to the country's nuclear safety. Real threats such as concerted "hacks" conducted by the Chinese against the U.S. government are certainly a concern, but the only thing dangerous about the compromise at these labs is the stupidity of a few scientists and workers at the plants.

The Oak Ridge National Laboratory (ORNL) in Tennessee and Los Alamos National Lab in New Mexico have made a habit of collecting the social security numbers, names, and birth dates of scientists who visit the plants. The information is put into a database, which reads like a who's who of America's top scientists.

Unfortunately, nobody thought such a practice might be a bit insecure. Starting October 29, workers at the labs began receiving phishing emails, which followed a traditional attack pattern of containing malicious Trojan-containing attachments.

There is no evidence that the attacks were specifically geared at the lab. If the attacks were just a general Internet attack, those responsible might have been excited at the big fish they caught. The two labs both have reported that the phishing emails gained access to their system, which indicates at least two employees -- one at each plant -- were foolish enough to click the attachment and commence the damage. The result was that the database with the scientists' information was compromised.

The phishers gained access to the records of all visitors at the plant between 1999 and 2004.

Don't blame the news networks solely for sensationalizing the attack and making it sound like a sophisticated assault. Leaders at the labs have gone on record trying to fudge the facts in statements, making the attacks sound more complex than they really are and icing over that the attacks only succeeded due to employee failures.

For example, ORNL director Thom Mason stated that the attacks were, "coordinated attempt to gain access to computer networks at numerous laboratories and other institutions across the country," and continued, "Because of the sensitive nature of this event, the laboratory will be unable for some period to discuss further details until we better understand the full nature of this attack."

Los Alamos has been more silent about what appears to prove the old adage that the greatest hole in security on the average computer network is the network's users.

In 2006 Los Alamos fell victim to social engineering and phishing when its emails were stolen and ended up on the USB stick of a drug dealer found in a police raid. The emails contained data of simulated nuclear weapons tests considered sensitive.

At the time executive director of the Project On Government Oversight (POGO), Danielle Brian blasted Los Alamos for their lax security stating, "This appears to be a new low, even drug dealers can get classified information out of Los Alamos."

Expect more pressure for ORNL and LANL as the smoke of sensationalism begins to blow away, revealing atrocious security due to user stupidity. Looks like some of America's top minds have just fallen for one of the oldest tricks in the hackers' book.
#20
mdm-adph
The biggest defense budget in the world, yet these jokers can't figure out how to properly isolate a database so that it's not available to the outside world. Great.

"Phishing emails with malicious attachments?" Why are they allowing emails to even have attachments at a facility like this? I'm not just second-guessing here, either -- this is just plain stupid.
#21
hacker111
WOW I thought the military would be harder to bypass than that...That seems too easy...:nutkick: