Fighting malware and spam

Cyber attackers breach defences at secret US labs

Spearphishing and trojans penetrate research lab security.

At least one major US science lab, used to handle highly classified government and military material, has had its networks penetrated by hackers, using targeted email campaigns to sneak custom trojans onto systems and extract data. While no information has emerged on the source of the attacks, rumours of international espionage have been widespread.

The attack, on Oak Ridge National Laboratory in Tennessee, began in late October with a series of highly targeted emails aimed at tricking staff to run trojan software, according to a report released last Friday by PCWorld. With the network compromised, data on visitors to the labs in a 14-year period from 1990 to 2004 was harvested, including sensitive information such as social security numbers for thousands of high-level scientists and other experts.

The only details so far released have come from an email sent to employees by the director of Oak Ridge, but further possible breaches may also have occurred at Los Alamos National Laboratory in New Mexico, site of several earlier security leaks. With both labs regularly used for secret government and military work, many reports have suggested links to government-sponsored Chinese or Russian hackers.

The initial report from PCWorld is here. Further reports are here (in the New York Times), here (at ABCNews) or here (on DarkReading).

10 December 2007

Tags: data theft, hacking, spearphishing, trojan.