US Nuclear weapons R&D labs slammed by massive cyber attack

[Schadenfroh]

http://www.isssource.com/oak-ridge-fights-off-cyber-attack/

After a sophisticated cyber attack that forced Oak Ridge National Laboratory to shut down its Internet connection for two weeks, employees are now back on line.
...
Laboratory Director Thom Mason has characterized the remotely directed attack as an Advanced Persistent Threat, which takes hold unobtrusively and gradually broadens its reach inside computer networks in an effort to steal technical data and intellectual properties.
...
The lab’s investigation, beefed up by experts from other national labs, federal agencies and computer-related companies, indicated the malware entered ORNL systems April 7 after multiple lab employees clicked on a link in a phishing email disguised to look like benefits information from ORNL’s human resources department. A temporary vulnerability in the Internet Explorer software facilitated the entry.

As many of you know, Oak Ridge and Y-12 manufacturers and researches nuclear weapons and their components. It is also home to some of the most powerful supercomputers in the nation as well as cutting edge energy and climate change research.

Looks like a targeted phishing attack, possibly browser exploit? Somehow, I doubt they were after our nation's climate change research...

Care to place any bets on which nation's "rogue, misguided patriots" committed this attack?

 

[MotF Bane]

China!

 

[freegeeks]

dropping Internet Explorer would be a good start security wise

 

[PokerGuy]

Can someone explain to me why the hell critical systems and nuclear weapons research information is connected to the internet at all? With the cost of computers and equipment so low these days, there's no reason you can't segment out all that stuff and make it so that 'everyday use' computers that are hooked up to the internet (and thus exposed to attack) are not connected to the secret good stuff.

 

[MotF Bane]

Can someone explain to me why the hell critical systems and nuclear weapons research information is connected to the internet at all? With the cost of computers and equipment so low these days, there's no reason you can't segment out all that stuff and make it so that 'everyday use' computers that are hooked up to the internet (and thus exposed to attack) are not connected to the secret good stuff.

Good security is inconvenient and expensive.

 

[Matt1970]

They got attacked by Fakeware? Nice...

 

[PokerGuy]

Good security is inconvenient and expensive.

Yeah, that's true, and if we were dealing with "general" kind of stuff, that would be a good reason to lean more on the cost/convenience side of things, but when it comes to top secret sensitive stuff, it makes absolutely no sense to me why that information is in any way connected to the internet directly.

 

[rudder]

dropping Internet Explorer would be a good start security wise

Not allowing people to surf the web while designing nukes is a good move also. God forbid any of those nuke techs find their way to ATOT.

 

[Lemon law]

Israel could well be in the running too as the hackers.

But I agree, there may be something vastly wrong with the computer security at Oak Ridge. But maybe not if no sensitive data was compromised.

The oak ridge folks were kinda mum on that subject, even if they confessed the hack took a full eight days to clean out.

 

[1prophet]

Good security is inconvenient and expensive.

And is usually one of the first things to get cut ,

On a side note I highly recommend if you're in the Oak Ridge area in Tennessee to visit the science museum there.

http://www.amse.org/#

 

[rcpratt]

Can someone explain to me why the hell critical systems and nuclear weapons research information is connected to the internet at all? With the cost of computers and equipment so low these days, there's no reason you can't segment out all that stuff and make it so that 'everyday use' computers that are hooked up to the internet (and thus exposed to attack) are not connected to the secret good stuff.

I seriously doubt that they allow critical systems to be connected.

 

[Pens1566]

Can someone explain to me why the hell critical systems and nuclear weapons research information is connected to the internet at all? With the cost of computers and equipment so low these days, there's no reason you can't segment out all that stuff and make it so that 'everyday use' computers that are hooked up to the internet (and thus exposed to attack) are not connected to the secret good stuff.

If it's a classified system, it isn't connected. I'm guessing the infected machines were personal office pcs used for non critical work.

 

[Fear No Evil]

Israel could well be in the running too as the hackers.

But I agree, there may be something vastly wrong with the computer security at Oak Ridge. But maybe not if no sensitive data was compromised.

The oak ridge folks were kinda mum on that subject, even if they confessed the hack took a full eight days to clean out.

Jesus H Fucking Christ, can you NOT bring up Israel in a thread?

 

[sao123]

Israel could well be in the running too as the hackers.

But I agree, there may be something vastly wrong with the computer security at Oak Ridge. But maybe not if no sensitive data was compromised.

The oak ridge folks were kinda mum on that subject, even if they confessed the hack took a full eight days to clean out.

lollerskates... you couldnt resist could you.
israel already has nukes... they dont need our nuclear secrets.

 

[ElFenix]

1st rule of security is never click on links in email.

 

[davmat787]

This news seems relevant, although it could deserve its own thread.

US warns: hack us, and we might bomb you

“Certain hostile acts conducted through cyberspace could compel actions under the commitments we have with our military treaty partners,” says the document. “When warranted, the United States will respond to hostile acts in cyberspace as we would any other threat to our country.”

Military force will only be used as a last resort after other diplomatic and economic remedies are attempted, but the US government has certainly realized the value of the Internet and has no intention of sitting quietly while corporate and governmental computer systems are attacked with impunity.

http://arstechnica.com/tech-policy/...-military-response-to-severe-cyberattacks.ars

 

[MotF Bane]

We have 300 million people; including multiple generations of computer-savvy users. And yet we'd have to resort to bombing people, instead of just magically fragging their entire networks from home? :/

 

[William Gaatjes]

Israel could well be in the running too as the hackers.

But I agree, there may be something vastly wrong with the computer security at Oak Ridge. But maybe not if no sensitive data was compromised.

The oak ridge folks were kinda mum on that subject, even if they confessed the hack took a full eight days to clean out.

I doubt that Israel is behind the attack. Are Israel and the US not technological partners ? If i recall correctly, a lot of US tech beasts have research facilities in Israel. Why would there not be shared research when it comes to nuclear research ? It does not make sense.

But i agree, that kind of research should be locked out.

 

[wuliheron]

We have 300 million people; including multiple generations of computer-savvy users. And yet we'd have to resort to bombing people, instead of just magically fragging their entire networks from home? :/

One such hostile act would be if a country attacked our infrastructure such at he electric grid. Bring down the grid is definitely an act of war and a possible prelude to invasion that requires swift and immediate countermeasures beyond merely hacking them back.

 

[irishScott]

We have 300 million people; including multiple generations of computer-savvy users. And yet we'd have to resort to bombing people, instead of just magically fragging their entire networks from home? :/

Why not a combo? Trace the attack, figure out where the "misguided patriots" are hacking from and send in a couple of B-2s. Nice and targeted, sends a clear message.

 

[wuliheron]

China's just fishing again boys. A few years ago they proved so competent and sneaky at stealing secrets from the government they helped rewrite the book on security. Now they're trying computer hacking and by all accounts they aren't terribly good at it and haven't gotten much of any use. The real experts at hacking foreign computers is likely the US.

 

[rudder]

We have 300 million people; including multiple generations of computer-savvy users. And yet we'd have to resort to bombing people, instead of just magically fragging their entire networks from home? :/

Not everyone is patriotic enough to join in on counter attacking a cyber threat. A counterattacks effectiveness would be diminished because the participants would be too busy arguing dem vs rep.

Bomb them so bad the only way they can use a computer is one of those $100 hand cranked laptops.

 

[MotF Bane]

Not everyone is patriotic enough to join in on counter attacking a cyber threat. A counterattacks effectiveness would be diminished because the participants would be too busy arguing dem vs rep.

Bomb them so bad the only way they can use a computer is one of those $100 hand cranked laptops.

My point is not to bury them with numbers, but that with such a large computer-literate pool, we should have some people as skilled or more so than the attackers.

 

[rudder]

China's just fishing again boys. A few years ago they proved so competent and sneaky at stealing secrets from the government they helped rewrite the book on security. Now they're trying computer hacking and by all accounts they aren't terribly good at it and haven't gotten much of any use. The real experts at hacking foreign computers is likely the US.

http://www.zdnet.com/news/report-us-net-traffic-was-hijacked-through-china/485082

Not terribly good at it.. hmm.

 

[JEDIYoda]

Care to place any bets on which nation's "rogue, misguided patriots" committed this attack?

Hamas??