Dec12
5:12 am (UTC-7)   |   by Jake Soriano (Technical Communications)

Michael Jackson even had a song about it: Human Nature. There’s your weakest linkand one that hackers repeatedly take advantage of and manipulate.

Reports confirm that hackers have successfully broken the Oak Ridge National Laboratory (ORNL) in Tennessee, an institution in the United States that conducts highly sensitive research. While little is known of it, it also appears that the sister-institution of ORNL, the Los Alamos National Laboratory in New Mexico, was also hacked. These are two of the United States’ more important research labs, where homeland security and military researches are conducted.

Investigations reveal that seven (only seven) phishing emails were directly involved in the breach. The said email messages were sent to lab employees. It was still unclear what these messages did specifically, but experts say they probably had malicious attachments in them.

Waves of phishing emails reportedly began in October, with employees as specific targets. The attackers managed to access a non-classified computer of ORNL that contained the personal information of people who visited the research laboratory since 1990.

The targeted attacks on these two institutions and the success of the hackers had analysts calling them “a sophisticated cyber attack that now appears to be part of a coordinated attempt to gain access to computer networks at numerous laboratories and other institutions across the country.”

Analysts, though, are careful in naming explicit architects of the attack. The angles range from a government-sponsored espionage to the work of a small crime organization.

What is interesting is that this would not be the first attack of this kind on institutions like the abovementioned laboratories. Los Alamos, in fact, has been the subject of not just one, but several breaches in recent years.

At the center of all these security breaches and hacking attacks is the individualone with a trusting, or non-questioning, nature. The lesson learned here is that a huge and imposing organization is still made of people, and when these people are not well informed on how to stave off potential security attacks, the whole organization suffers.

If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!



This entry was posted on Wednesday, December 12th, 2007 at 5:12 am and is filed under News . Responses are closed, but you can trackback from your own site.



Comments are closed.


Patch Tuesday, December Edition
November Malware Roundup


 
TrendWatch Hijack This Web Protection Add-On
Free Online Virus Scan Rootkit Buster Submit Suspicious Files
Global Malware Map RUBotted? Trend Micro
 



    		 
© Copyright 2009 Trend Micro Inc. All rights reserved. Legal Notice