World's No. 2 Supercomputer Hit By Email Scam

In one of the more embarrassing security breaches of all time, a major government laboratory has fallen victim to a phishing scam. Fortunately, the stolen data wasn't among the most confidential information in the centre's database.

The scammers struck at the Oak Ridge National Laboratory in Oak Ridge, Tennessee, a town known for its role in the Manhattan Project. The laboratory works with the Department of Energy on subjects that require intense computing power to help simulate millions of possible outcomes to particular scenarios.

The lab is host to Jaguar, the world's second-fastest supercomputer, capable of carrying out 1,600 trillion calculations per second.

A lab spokeswoman has now confirmed that on April 7 more than 570 bogus emails were sent to staff at the facility and that some people clicked on links in the messages. One report suggests that more than 50 people did so. (Source: informationweek.com)

So-Called "Benefits" Prove a Detriment

The messages were in fact part of a so-called spear-phishing attack, where an email is purportedly coming from a legitimate e-mail sender that contacts a specific group of people. In contrast, a general 'phishing' attack sends a generic email message to thousands or millions of people in the hope of fooling some of them.

In this case, the bogus message alleged to be about a benefits package for employees at the lab, with a link to 'further details.' Clicking on the bogus link led to a web page with malware.

While the link did not affect all computers, two machines were compromised by a virus, which used an exploited a flaw in Microsoft's Internet Explorer. The lab says it discovered the resulting virus quickly and tracked it for a week to make sure it wasn't doing any damage.

Officials Play it Safe

On April 15 officials decided the safest way to block the virus was to cut off the lab from the Internet and external email, while keeping an internal email system open. They now believe the problem is under control. (Source: scmagazineus.com)

Around one gigabyte of data is known to have been extracted from the lab's network by the virus, though it was in encrypted form, lessening the likelihood of it being of any use to hackers.

The lab has stressed that the most confidential data it handles is on an internal network that is never connected to the outside world.