Y-12 Website Hit in Computer Strike

A computer-based assault on Sunday targeted a data cache tied to a public website for the Y-12 National Security Complex in Tennessee, forcing the website's temporary shutdown, the Knoxville News Sentinel reported (see GSN, April 25).

"The database did not contain any sensitive information and no Y-12-related activities were compromised," National Nuclear Security Administration spokesman Steven Wyatt said by e-mail. The Oak Ridge facility aids in updating U.S. nuclear weapons, salvages retired warhead parts for reuse and holds the bulk of U.S. weapon-usable uranium.

"The database was immediately taken out of service and is being analyzed by Y-12 cyber security staff," Wyatt wrote. "For this reason, Y-12's external website has been replaced with a temporary information page. At this point, there is no evidence that any plant-wide e-mail or internal computing services have been affected, nor has any classified or sensitive information been accessed or affected by this incident."

The facility does not store confidential material on computers linked to the Internet, and this week's strike did not compromise a guest list for an upcoming public event, the spokesman said.

"No personal information was impacted by this cyber attack," he said.

Characteristics of the strike distinguished it from "advanced persistent threat" attacks on the Oak Ridge National Laboratory in Tennessee and on other government offices and entities in past months, Wyatt added.

The entity responsible for the attack has publicized the user identification details for five Y-12 staffers, Forbes.com said in a report.

"The primary danger in an attack like this is that attackers might attempt to use the credentials that they obtain to access more sensitive systems," University of Utah assistant communications professor Sean Lawson said.

Wyatt did not elaborate on the Forbes.com report, but said the website would re-enter service on Tuesday (Frank Munger, Knoxville News Sentinel, June 14).

June 14, 2011
About

A computer-based assault on Sunday targeted a data cache tied to a public website for the Y-12 National Security Complex in Tennessee, forcing the website's temporary shutdown, the Knoxville News Sentinel reported (see GSN, April 25).