Hackers Launch Major Attack on US Military Labs

Hackers Launch Major Attack on US Military Labs

www.pcworld.com

Hackers have succeeded in breaking into the computer systems of two of the U.S.’ most important science labs, the Oak Ridge National Laboratory (ORNL) in Tennessee and Los Alamos National Laboratory in New Mexico.

(visit the link for the full news article)

I think this should be major news :|

www.pcworld.com
(visit the link for the full news article)

The Chinese are sizing up their opponent.

Congrats to whom ever is responsible. At least we heard about this one, this time.

In what a spokesperson for the Oak Ridge facility described as a "sophisticated cyber attack," it appears that intruders accessed a database of visitors to the Tennessee lab between 1990 and 2004, which included their social security numbers and dates of birth. Three thousand researchers reportedly visit the lab each year, a who's who of the science establishment in the U.S.

No small endeavour... Or was it?

If it was, what, really, does that say? What really does that say if it wasn't?

Drug dealers with USB flash drives containing Nuclear Weapons test data?

"Holy computer game story-line," Bat-fellows!

The possibility that the latest attacks were the work of fraudsters will be seen by some as optimistic - less positive would be the possibility of a rival government having been involved.

Indeed, there, indeed.

(Cough)

All hope that this was the work of script children, with a talent beyond their years at attacking military laboratories and a penchant for brave and elaborate plots. Or resourceful thugs, "rocking" the rather surreptitious greed-skull adornment. Because if it wasn't either, many a situation could go quite "wrong," here.

A further indeed.

Think about it.

Indeed, if the information or data was stolen or copied by the wrong people, government or group, who knows what could happened or already has?

My first response was a little bit off hand, I apologize.

But could it be a single or small group of youngsters?
.....
Or something a lot more sinister?

As I agree, I hope it is the first of the two.
And If so, employ the little perks so it hopefully doesn't happen again
Don't think anyone wants any sort of plague or weapon of one sort or anything running around free now

But could it be a single or small group of youngsters?

Prolly just a rogue band of Christmas Chipmunks, they get riled up this time of year.

China has said many, many times that Cyberwar is to be their force multiplier along with their anti-satellite systems. This should be no surprise. The fact that our defenses are so lame is an unpleasant surprise!

A database of SS numbers and names on a computer connected to the outside world? One word for that... DUMB.

Originally posted by sean
A database of SS numbers and names on a computer connected to the outside world? One word for that... DUMB.

IF that's really all they accessed. They won't say anything if it's worse.

"Because of the sensitive nature of this event, the laboratory will be unable for some period to discuss further details until we better understand the full nature of this attack," he added.

'Some period', as in decades from now when it's declassified right?

Well, I suppose at least they've said something about this one, or at least a section of information about it.
For everyone they tell anyone about, they must be another 5 or 6 they don't tell anyone about. No matter if they're serious or not, its still a breach of security and that is more than enough to be of a concern.

I was intrigued by the reference to

a drug dealer was allegedly found with a USB stick containing data on nuclear weapons tests.

This raised several questions in my mind so I tried to find a source. Although this "drug dealer" allegation is all over the Internet, I could not find the original report. I'm sure it's out there, I'll keep looking for it.

I did find a little more background on Los Alamos that I though was interesting,

Report of 18.07.2007 20:06

Million-dollar fine for IT security vulnerabilities in nuclear weapons research centre

The US Department of Energy (DOE) has ordered the University of California Berkeley to pay a fine of three million dollars due to inadequate security precautions in Los Alamos National Laboratory (LANL). In October of last year, a contract worker succeeded in taking confidential material from the intranet of the research institution and saving it on a USB stick. After this fact leaked to the public, the DOE ordered an in-depth investigation of the IT and other security precautions of the research centre located in a military no-go area in New Mexico.

The LANL is, among other things, active in the field of nuclear weapons development and manages the "Stockpile Stewardship and Management" program which is responsible for managing the infrastructure of the USA's existing arsenal of atomic weapons. For a long time, the LANL was solely run by the University of California. In June 2006, the management of the research institution, with its 6,000 or so employees, changed hands. Management was transferred to the Los Alamos National Security (LANS), a limited liability company, in which the University of California, the construction company Bechtel and two other companies hold shares.

Source

So, the data went from a "contract worker" to a "drug dealer?" And now the nation's nuclear program has essentially been outsourced via Bechtel and "two other companies..." Ay carumba...

It's amazing, yet again has another government has given the private sector something more.
But this time it's Nuclear Arms research and information!!!.
"Contractors" work for the highest bidder, and thus can't be trusted.

tu tu tu

I think the Air Force has taken up the duty of securing America's computer networks and being responsible for waging "cyber-warfare."

Too bad they suck at it. We keep hearing about successful cyber attacks on our major corporations and military networks. Viruses spread through our computers and business networks as fast as they ever did. Anyone remember the contractor that hacked into the nuclear power plant? He said he could do it again to any other nuclear plant in the U.S. just as easily. Yeah, way to be on the ball, Air Force.

What we don't hear about is the perpetrators being caught, brought to justice, or retaliated against. When it comes to our fighters, tanks, ships, special forces, and other weapons the military brags out of every orifice about them. So we know that if we can do something well, we don't hide it.

I was interested in such a job with the Air Force myself, so I looked into it on their web site. No college degree is required for it, it's not an officer's position. I'm sure it requires a high ASVAB score, but with something like that training and experience are the demand, not test results.

I just think that's absolutely retarded. If our military leaders were smart, they'd be looking for the best of the best for jobs like that. That would mean contracting with other companies who hire top-notch, college and tech school trained experts to do the security. When people can take control of our nuclear power plants from their computer, there's no freaking room for budget restrictions. At all.

Hiring whatever untrained, ill-experienced kid out of high school that wants the job and offering them a military salary to do work of that nature is just stupid, and ensure the United States will never, ever win any kind of "cyber war," ever. The smart countries leave such things to the professionals.

I must agree with you, It is quiet stupid to employ teenie bobbers to do a qualified and experienced technicians job of protecting such sensitive and volatile assets and infrastructures.
But if there is no such persons available...have no one?
Or persons whom have capabilities but without the documentation to go with it?
Little defense is better than none at all i presume.
But it is still a great worry as such
As we see it is a great risk that has and is being exploited by forces from both inside and foreign.