Energy lab still offline in wake of July 1 attack

Ten days after being targeted by what a spokesman called a “highly sophisticated cyber attack,” the Energy Department’s Pacific Northwest National Laboratory in Richland, Wash., remains cut off from most of its Internet access as staff works to find and correct problems.

Internal e-mail and intranet services and some external services were restored last week, but the lab’s Web site at remained down July 11 and the lab still has no Internet connection.

“There is no estimated timeline for restoring remote services,” said PNNL spokesman Greg Koller. “They will be restored once we are able to add the appropriate security patches and when we can guarantee we are not vulnerable to further attacks of this nature.”

Related coverage:

Cyberattacks take two Energy labs offline

Ongoing storm of cyberattacks is preventable, experts say

Koller said staff has been working around the clock since July 1 to restore services, but that no classified information was threatened in the incident and that there is no indication that information from the lab’s unclassified networks has been compromised.

Pacific Northwest is one of two Energy Department labs targeted in the attack. The Thomas Jefferson Laboratory National Accelerator Facility in Newport News, Va., also went offline for a period after the attack was discovered, but restored Internet services and began rebuilding its Web site at last week.

Battelle Memorial Institute of Columbus, Ohio, which manages the Pacific Northwest Lab and several others for the Energy Department and the United Kingdom, also came under attack July 1. E-mail and outside access was shut down over the holiday weekend but was restored on Tuesday, July 5.

Pacific Northwest Lab became aware of the attack July 1 and as a precaution quickly shut down most internal network services, including e-mail, SharePoint, a wireless network, voicemail and Internet access. Internal e-mail services and intranet services were restored July 5. Other services, including as SharePoint, voice mail and access to the wireless network (without Internet access) were gradually restored, and external e-mail restored July 6. BlackBerry service was restored late July 7.

Koller said that because of PNNL’s cybersecurity analytics and research, and its assistance to other agencies and law enforcement, it is not surprising that the lab was targeted.

“We are on the front-lines of many of today’s major issues, from enhancing the power grid to reducing dependence on imported oil, and designing materials and chemicals for novel energy solutions to protecting our nation from acts of terrorism,” he said. In-house expertise gained in helping other organizations analyze and respond to attacks was used in responding to this incident, he added.

Koller said the lab routinely repels more than 4 million probes and attempts against its external network defenses each day. “The vast majority of these attacks are simple to detect and defend,” he said. “This attack is much more sophisticated.”


About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected