Tuesday, April 19, 2011

Oak Ridge National Lab Offline

A highly sophisticated cyber attack -- known as Advanced Persistent Threat or APT -- forced Oak Ridge National Laboratory to shut down all Internet access and email systems over the weekend.

Those restrictions will remain in place until lab officials and others investigating the attack are sure the situation is well controlled and manageable, ORNL Director Thom Mason said today.

Mason said he expects that email functions may be restored Tuesday on a limited basis, with no attachments allowed and restrictions on length. He said he couldn't speculate on when Internet access will be restored fully, even though the shutdown limits many of the lab's functions.

"We made the decision (at about midnight Friday) to close down the connection to the Internet to make sure there was no data exfiltrated from the lab while we got the system cleaned up," he said.

The lab's cyber specialists had been monitoring the attack and recommended further action after it looked like efforts were underway to remove data from ORNL systems, Mason said.

Mason said the APT at ORNL is similar to attacks in recent times on Google, a security company known as RSA and other government institutions and corporations.

"In this case, it was initiated with phishing email, which led to the download of some software that took advantage of a 'zero day exploit,' a vulnerability for which there is no patch yet issued," he said. The vulnerability involved Internet Explorer, he said.


bah.
