http://www.knoxnews.com/news/2007/dec/06/cyber-hackers-hit-ornl-visitor-data-potentially-ex/ By Frank Munger Knoxville News Sentinel December 6, 2007 OAK RIDGE - Oak Ridge National Laboratory was the target of a sophisticated cyber attack that potentially gave hackers access to the personal information of thousands of visitors to the lab from 1990 to 2004, the laboratory confirmed today. ORNL Director Thom Mason informed lab staff members of the issue earlier this week and said the lab would attempt to notify as many persons as possible whose personal information may have been stolen. Lab spokesman Billy Stair said today about 12,000 letters had been sent to potential victims. Mason outlined the general aspects of the attack, which included a number of phishing e-mails sent to staff members, but he concluded the note by saying: Because of the sensitive nature of this event, the laboratory will be unable for some period to discuss further details until we better understand the full nature of this attack. Phishing is the practice of sending official-looking e-mails to extract information from victims who believe them to be from legitimate institutions such as banks. Mason told staffers that the attack appeared to be part of a coordinated attempt to gain access to computer networks at numerous laboratories and other institutions across the country. He said ORNLs cyber security team has been working nights and weekends to try to understand the nature of the attack. A spokesman at Los Alamos National Laboratory, a weapons design laboratory in New Mexico, confirmed this afternoon that LANL also was attacked by hackers. Kevin Roark of Los Alamos would not discuss the hacking, except to say that it occurred on unclassified systems and was significant and sophisticated. He said Los Alamos employees were notified Nov. 4. The first potential corruption at ORNL occurred Oct. 29, lab officials said. Our review to date has shown that while every security system at ORNL was in place and in compliance, the hackers potentially succeeded in gaining access to one of the laboratorys non-classified data bases that contained personal information of visitors to the laboratory between 1990 and 2004, Mason said. At this point we have determined that the thieves made approximately 1,100 attempt to steal data with a very sophisticated strategy that involved sending staff a total of seven phishing e-mails, all of which at first glance appeared legitimate. Investigators believe that 11 staff members opened the attachment, enabling hackers to infiltrate the system and remove data, he said. Reconstructing the event will likely take weeks, if not longer, to complete, the ORNL director said. According to Mason, the personal information potentially vulnerable would be names, dates of birth and social security numbers of lab visitors. Stairs said the visitors would include scientists, university officials, industrial and business representatives, as well as members of the news media and many others who come to the national laboratory. He said it would not include young students who tour the laboratory. More details as they develop online and in Friday's News Sentinel. -=- Related blog - Frank Munger's Atomic City Underground: Los Alamos also hacked. http://blogs.knoxnews.com/knx/munger/2007/12/los_alamos_also_hacked.html __________________________________________________________________ Visit InfoSec News http://www.infosecnews.org/
This archive was generated by hypermail 2.1.3 : Thu Dec 06 2007 - 23:32:25 PST