Highly-Sensitive American Laboratory Attacked With Phishing E-Mail

U.S' Oak Ridge National Laboratory (ORNL) encountered a security breach the second one from the time of year 2007 when phishing e-mails fooled employees thus leading to many of its PCs getting hacked. The Register published this in news on April 19, 2011.

Reportedly, the phony phishing e-mails contained a web-link when they first infiltrated computers of the laboratory on April 7, 2011 and abused one critical security flaw within Internet Explorer which Microsoft patched lately. The vulnerability was exactly the one with which a security investigator won $15,000 as prize during a just concluded hacking contest namely Pwn2Own.

Stated Thom Mason Director of Oak Ridge National Laboratory, the laboratory thought it right to shutdown its Internet connection so no data could go out from its systems as the infected computer was quarantined and cleaned up. Knoxnews.com published this on April 19, 2011.

Mason further stated that the laboratory's experts carried out a monitoring task over the security breach, while suggesting additional measures once it appeared that attempts were going on for deleting data off the ORNL computers.

Meanwhile according to deputy lab director Thomas Zacharia of Oak Ridge National Laboratory, of all the staff members in whose inboxes the rogue e-mail landed, 57 opened it. As a result, a malware program got installed on their computers that abused an IE bug and thus facilitated the hijacking of two PCs. Thereafter one compromised PC disseminated the malicious program onto other computers on the network.

Understandably, malware inflicting organizations with highly sensitive data is seemingly getting frequent. The ORNL said that the attack was due to an APT (advanced persistent threat), which apparently different people perceived differently.

And when Mason was queried regarding the origin of the attack as probably being China, he said that the investigation wasn't over yet therefore, it couldn't be speculated as to in which direction developments were heading. Knoxnews.com published this on April 19, 2011.

Nevertheless, according to Mason, a few PCs were taken away and isolated. In addition he substantiated that the current spoofed electronic mails purported to be from the HR department of ORNL.

Related article: Highly Dangerous Flaw Discovered in QuickTime

» SPAMfighter News - 4/27/2011