14 DAY TRIAL // Two national laboratories were forced to suspend Internet and email service last week in order to investigate the extent of cyber attacks targeting their networks.
The Pacific Northwest National Laboratory (PNNL), in Richland, Washington, is doing research in the counterterrorism, science, nuclear non-proliferation and information security fields.
On July 1, PNNL officials detected a cyber attack and acted to minimize the impact by disconnecting the facility's network from the Internet, cutting email and SharePoint access and suspending the wireless network.
At the time of writing this article, the lab's website remains offline and the IT staff are working to assess the impact and restore full Internet access.
"The good news is no classified information has been comprised or is in danger from this attack," PNNL spokesman Greg Koller told Reuters.
"At this time, we have not found any indication of ‘exfiltration’ of information from our unclassified networks as well," he added.
Meanwhile, officials from the Thomas Jefferson National Laboratory in Newport News, Va., also suspended Internet and email access because of a cyber attack. The facility performs physics research.
The type of attacks that targeted the two laboratories has not been disclosed, but the Oak Ridge National Laboratory (ORNL) took similar actions in April after two computers were infected as a result of spear phishing.
Rogue emails purporting to come from the lab's own human resources department were sent to 530 employees. The messages included a link to a zero-day Internet Explorer vulnerability.
The two infected computers laid dormant for a week before starting to siphon out information. The unauthorized traffic triggered alerts and allowed the lab to react immediately.
The ORNL attack carried a great level of sophistication. This suggests a cyber espionage attempt and is probably what occurred in the case of the newly targeted labs as well.