Skip to main content

Home/ CIS@ULM Information Security/ Group items tagged breach

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
William Barnett

Top Federal Lab Hacked in Spear-Phishing Attack | Threat Level | Wired.com - 0 views

www.wired.com/...oak-ridge-lab-hack

infosec Infowar security malware SpearPhishing phishing socialengineering

shared by William Barnett on 20 Apr 11 - No Cached
  • the intrusion came in the form of a spear-phishing email sent to lab employees on April 7. The e-mail, purportedly sent from the human resources department, discussed employee benefits and included a link to a malicious web page, where malware exploited the IE vulnerability to download additional code to users’ machines
  • About 530 employees received the e-mail — out of about 5,000 workers — but only 57 people clicked on the malicious link in the correspondence. Out of this, only two machines got infected with the malware.
  • April 11, administrators discovered a server had been breached when data began leaving the network. Workers cleaned up the infected system, but early Friday evening “a number of other servers suddenly [went] active with the malware,” Zacharia said. The malware had apparently laid dormant for a week before it awoke on those systems. That’s when the lab blocked internet access. Zacharia said the malware “masked itself” on systems and was designed to erase itself if it tried to compromise a system and was unsuccessful.
  • ...1 more annotation...
  • It’s not the first time the lab has been breached through spear phishing. In 2007, a similar attack allowed hackers to access a nonclassified database at the lab and gain access to thousands of names, Social Security numbers and birth dates belonging to anyone who had visited the lab between 1990 and 2004.
1 - 8 of 8
Showing 20 items per page