PNNL still recovering from cyberattack

RICHLAND -- Pacific Northwest National Laboratory still is recovering from a sophisticated cyberattack July 1.

Email, intranet, SharePoint, voice mail and access to the wireless network were restored by Wednesday. Blackberry service was restored Thursday night.

However, the work week ended with PNNL websites still down and about 4,900 employees not able to access the internet at the Richland lab.

"They will be restored once we are able to add the appropriate security patches and when we can guarantee we are not vulnerable to further attacks of this nature," said Greg Koller, PNNL spokesman.

No classified information was compromised or in danger of being compromised in the cyberattack. In addition, the lab has not found any indication that information from unclassified networks has been compromised, Koller said.

PNNL staff have been working around the clock for eight days to diagnose and fix the problem.

The lab's cybersecurity professionals routinely help government agencies, law enforcement and the intelligence community detect and protect themselves against cyberattacks.

Those in-house experts have been working with the lab's information technology staff to assess the attack and then provide the expertise to help repair and restore PNNL systems, Koller said.

"In fact, some of the tools they've developed for other agencies to detect attacks were employed here," he said.

Also targeted in the attack were Battelle's corporate headquarters in Columbus, Ohio, and the Thomas Jefferson National Laboratory in Virginia.

It's not surprising that PNNL would be targeted, as its computers hold intellectual property, unpublished scientific results, classified information and a host of sensitive information that could be of interest, Koller said.

The Department of Energy lab in Richland is on the forefront of major issues that include enhancing the power grid to reduce dependence on imported oil, protecting the nation from acts of terrorism, and designing materials and chemicals for efficient use or production of renewable energy.

It's the target of more than 4 million cyberattacks each day.

"The vast majority of these attacks are simple to detect and defend," Koller said. "This attack is much more sophisticated."

When the cyberattack was discovered July 1, systems immediately were shut down as a precaution.