Data-Stealing Worm Penetrates Energy Lab

An Energy Department lab that studies nuclear fusion, biotechnology and supercomputing reportedly was hit by a silent cyberattack earlier this month that has prompted officials at the Oak Ridge National Laboratory to cutoff researchers' e-mail and Internet access.

Jaikumar Vijayan at Computerworld wrote on Tuesday night that the systems should be back up later this week, once investigators are sure they have contained the suspected worm, an advanced persistent threat.

APTs typically infiltrate a target by e-mailing its employees messages purportedly from legitimate associates that ask the employee to submit personal information, such as passwords, and then harvest this information to access the systems they are after. Once inside the network, the perpetrators often try to extract data -- perhaps proprietary designs or classified information.

In this case, the attackers - who are still unknown -- seemed to want technical data from the lab's systems, according to the article.

Oak Ridge officials said other national laboratories and government entities were hit by the same malicious computer program, Computerworld reported.

Last month, an APT worked its way into a system belonging to computer security firm RSA that contained information related to smart card IDs and keyfob credentials used by many federal personnel.