PNNL Targeted With Sophisticated Cyber-Assault
A recent cyber-attack on the Department of Energy's (DOE) Pacific Northwest National Laboratory (PNNL) compelled IT personnel to shut down every computer at the facility, cutting the systems off from external access in an effort to contain the damage, Eweek.com reported on July 6, 2011.
Another DOE laboratory, Oak Ridge, adopted the same measures; it discovered that somebody tried to access its networks to steal data during April 2011. The lab revealed that the data breach occurred when a few employees followed a malicious web link in a spear-phishing, or personalized, e-mail.
Apparently sent from the human resources division of Oak Ridge National Laboratory, the e-mail infected a few PCs by installing on them an advanced Trojan designed to steal data. The malware exploited an unpatched vulnerability in Microsoft's Internet Explorer and attempted to hunt for and seize specialized data from Oak Ridge.
Soon after realizing that security had been breached, authorities shut down almost all PC functions, so employees could not use the wireless network, e-mail, Internet access or SharePoint, while IT personnel remained on duty over what would otherwise have been a weekend off, trying to restore normal operations. The laboratory also cut off all outside attempts to access its website and blocked all inbound e-mail.
Meanwhile, KEPR reported that the PNNL attack appeared to be part of a broader assault that took place at nearly the same time and targeted one national lab within the Ohio and Virginia main branches of Battelle Memorial Institute, which ran PNNL. Seemingly, no classified information was stolen at the time, although a team of cyber-security specialists was still investigating.
According to enterprise security evangelist Rafal Los of HP Software, it doesn't take much imagination to see that the cyber-criminals, whoever they are, are possibly seeking certain things, perhaps some classified data, from the DOE computer network. Actually, they wanted network access and sensitive credentials, and possibly even succeeded in harvesting some via the assaults. Evidently, by employing SQL injection, the criminals acquired many login credentials via a Y12 National Security website during June 2011, Los adds. Eweek.com published this.
» SPAMfighter News - 14-07-2011