Cyber Attack Forces Internet Shut Down For DOE Lab
The Pacific Northwest National Laboratory (PNNL), located in Richland, Wash., is a government research facility that analyzes information on information security, science, nuclear non-proliferation and counterterrorism.
PNNL officials first detected the attack on July 1, according to reports. Upon discovering the attack, system administrators disconnected all Internet and e-mail access, including SharePoint, and the facility’s wireless network in order to assess the damage and protect systems.
As of Friday afternoon, visitors to the PNNL Web site were subjected to a maintenance message reading “Web Services Unavailable. The web page you are trying to browse is currently unavailable due to system maintenance. Services will be restored soon.”
“Full access will be restored once we can repel further attacks,” according to a Pacific Northwest National Laboratory Twitter post .
Internal e-mail was restored earlier this week, according to local CBS affiliate news site KEPRTV.com , but employees were still without Internet access and external e-mail.
Meanwhile, the lab’s IT staff worked through the July 4 holiday weekend to secure systems and get them back online.
While the attack was stopped, workers are continuing to assess what information was taken and check to make sure that all intrusions were detected and eradicated.
Thus far, it is unclear what data was accessed from PNNL’s computer systems.
“The good news is no classified information has been comprised or is in danger from this attack,” PNNL spokesman Greg Koller told Reuters . “At this time, we have not found any indication of ‘exfiltration’ of information from our unclassified networks as well.”
The PNNL attack appears to be part of a larger cyber effort that also targeted Thomas Jefferson National Laboratory in Newport News, Va., and Battelle Corp., a government contractor that oversees PNNL, according to Reuters.
The PNNL attack follows weeks after hackers launched a cyber assault on the Oak Ridge National Laboratory in Tennessee in mid-April.
Like PNNL, the Oak Ridge facility was forced to shut down its email and Internet services on April 15 following a spearphishing attack that occurred when employees were tricked into clicking on a malicious link embedded in an e-mail appearing to be legitimate. The link directed the employees to a malicious Web site that exploited a critical vulnerability in Internet Explorer, which allowed the hackers to an install information-stealing Trojan onto the facility’s computer systems that acquired classified information.
Meanwhile, attackers have flexed their hacking muscles by targeting a slew of government agencies in recent months, including previously impenetrable defense contractors and government agencies such as Lockheed Martin , RSA and the International Monetary Fund .