The coordinated cyberattack into the nonclassified portion of a US nuclear laboratory may have originated in China, says a Homeland Security memo obtained by the New York Times. The memo includes a list of offending internet addresses associated with locations in China, but points out that hackers commonly bounce their signal off of compromised computers to obscure their trail.
Officials at the Oak Ridge National Laboratory said the attacks took the form of seven separate ‘phishing’ emails, made to look legitimate and sent thousands of times to lab employees, which contained surveillance software disguised as attachments. “At present we believe that about 11 staff opened the attachments, which enabled the hackers to infiltrate the system and remove data,” said the lab’s director. (More hacker stories.)