Energy labs recovering from cyberattacks

Two Energy Department labs hit with a cyberattack over the July 4 weekend are recovering.

The Thomas Jefferson National Accelerator Facility in Newport News, Va., is back online and in the process of restoring its website as officials investigate the attack.

“We have a partial website up” at www.jlab.org, said public affairs manager Dean Golembeski. “We are still in the process of evaluating what happened.”

The Jefferson Lab, came under attack July 1, along with the Pacific Northwest National Laboratory in Washington state. PNNL shut down all network access July 1 but began restoring internal communications over the weekend. External e-mail at PNNL was restored on the afternoon of July 6, but the lab’s website remained off-line as of today.


Related coverage:

Cyberattacks take two Energy labs offline

Oak Ridge lab shuts down e-mail, Internet after cyberattack


Battelle Memorial Institute of Columbus, Ohio, which manages PNNL and several other DOE facilities, also came under attack July 1 and shut down e-mail and outside access over the weekend. Those services were restored July 5, a spokesperson said.

Golembeski said the Jefferson Lab did not lose e-mail access and its website was available sporadically over the weekend. The lab was in the process of redesigning the site before the interruption, and redesigned elements are being put online to let teams focus first on the parts used by outside scientists who conduct research at the facility.

The lab does not perform classified work or hold any classified information, Golembeski said. Its accelerator provides research facilities for about 1,300 scientists worldwide who are doing basic research in nuclear physics.

No details about the nature of the attack have been released. Golembeski said it has been characterized only as a cyberattack by an unidentified party.

The incident came a little more than two months after a spear-phishing attack introduced malicious code into the Oak Ridge National Laboratory's network in April, which shut down the lab’s Internet access for more than a week.

About the Author

William Jackson is freelance writer and the author of the CyberEye blog.

Reader comments

Fri, Jul 8, 2011 David Alabama

As I said in my second (corrected) email, all of the Battelle labs, have a trust relationship. If a couple have been hit, then more are to come. If I had to guess, this trojan or whatever it might be, likely has an activation date/time and it will hit them at various times. Just my 2 cents.

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above