Attacks take Energy labs offline

PNNL, Jefferson temporarily shut down e-mail, Internet access after 'sophisticated' attack

Two Energy Department research facilities on opposite sides of the country have been taken offline by cyberattacks that appear to be the latest in a string.

Officials became aware July 1 that the Pacific Northwest National Laboratory in Richland, Wash., and the Thomas Jefferson Laboratory National Accelerator Facility in Newport News, Va., were under attack, PNNL spokesman Greg Koller said.

All network services initially were shut down at PNNL, but external e-mail had been restored by the afternoon on July 6, Koller said. Internal e-mail and some intranet connections have already been restored at the laboratory. The public website at www.pnl.gov remained offline July 6.


Related coverage:

Oak Ridge lab shuts down e-mail, Internet after cyberattack


“We expect we will be able to get them online over the next three days,” Koller said.

The Jefferson Lab website at www.jlab.org also was unavailable on Wednesday.

Battelle Memorial Institute of Columbus, Ohio, which manages the Pacific Northwest Lab and several others for the Energy Department and the United Kingdom, also came under attack July 1. Battelle spokeswoman Katey Delaney said e-mail and outside access was shut down over the weekend, but was restored on July 5. She said the attack still was being investigated and could not comment on whether it appeared to be connected with the Energy Department attacks.

An Energy spokesman said no DOE facilities other than Pacific Northwest and Jefferson Lab appeared to be under attack as of July 6. He said investigators were “actively looking at the source of the attack,” but for security reasons would not release any of that information.

Koller said that security officials have gathered information about the nature of the attack and its source, but have not released it. He said there is no indication that any classified information has been compromised.

The Pacific Northwest lab has about a staff of about 4,900 persons, about 4,500 of them working at the Richland facility, with an annual budget of about $1 billion. Roughly half of its work is in national and homeland security research, with the most of the rest in the areas of energy and the environment.

The Jefferson Lab has 720 full time employees and 1,258 facility users and does work in nuclear physics and technology. In fiscal 2009, it had funding of $115 million, most of it from the DOE Office of Science.

Koller said that the disruptions caused by the attack were minimized by the holiday. “We have a fair number of people on vacation this week anyway,” he said. For others, it has meant extra work. “Through the long weekend we had folks working around the clock trying to fix the problem.” On the Fourth, Koller said, he counted 50 cars in the parking lot of an information services building on the PNNL campus.

By late evening of Tuesday, July 5, internal e-mail and some intranet access was restored, although external connections will remain down until malicious code delivered by the attack can be isolate and removed, and patches installed to fix vulnerabilities. Restoration of services is expected to continue through the rest of the week in what Koller called a “slow, gradual ramp-up.”

Although more details on the Pacific Northwest and Jefferson lab attacks were not immediately available, the incident appears to be the latest in a series of attacks targeting government and contractor systems.

In April, Internet access to the Oak Ridge National Laboratory was shut down for more than a week in the wake of a breach in which malicious code was introduced through a successful spear-phishing attack. At the time, the code was described as “very sophisticated,” and apparently designed to steal information from the lab’s network.

Both Oak Ridge and Pacific Northwest are managed by Battelle. Koller said there is frequent exchange of personnel between the two labs, and that lessons learned from the Oak Ridge incident are being applied at PNNL.

 

About the Author

William Jackson is a Maryland-based freelance writer.

Featured

  • Defense
    The U.S. Army Corps of Engineers and the National Geospatial-Intelligence Agency (NGA) reveal concept renderings for the Next NGA West (N2W) campus from the design-build team McCarthy HITT winning proposal. The entirety of the campus is anticipated to be operational in 2025.

    How NGA is tackling interoperability challenges

    Mark Munsell, the National Geospatial-Intelligence Agency’s CTO, talks about talent shortages and how the agency is working to get more unclassified data.

  • Veterans Affairs
    Veterans Affairs CIO Jim Gfrerer speaks at an Oct. 10 FCW event (Photo credit: Troy K. Schneider)

    VA's pivot to agile

    With 10 months on the job, Veterans Affairs CIO Jim Gfrerer is pushing his organization toward a culture of constant delivery.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.