Russian Federation Sets New Science Priorities As 5 US Labs Are Breached

image of accelerator at Large Hadron Collidor
2011 may be the worst year on record for cybersecurity breaches at U.S. national labs and related facilities: 5 breaches in 6 months:
April 11:
- Oak Ridge National Laboratory (managed by Battelle)
- Method of attack - spear phishing w/ 0day payload
June 11:
- Y-12 National Security Complex (managed by BWX, a member of the Battelle Energy Alliance)
- Method of attack: SQL injection
July 1:
- Battelle Memorial Institute
- Pacific Northwest National Laboratory (managed by Battelle)
- Thomas Jefferson National Accelerator Facility (managed by CSC via Jefferson Science Associates)
- Method of attack: un-specified but spokespersons referred to it as "sophisticated" and all three labs stopped email and internet services for several days.

In the meantime, today President Medvedev signed into law a decree establishing the priority areas and critical technologies of the Russian Federation:

Priority Areas:

  1. Security and counter-terrorism
  2. Nanotechnology
  3. Information and Telecommunication Systems
  4. Life Sciences
  5. Advanced Weapons
  6. Biotechnology
  7. Transportation and Space Systems
  8. Clean energy technology including nuclear power

List of Critical Technologies:

  1. Basic and critical military and industrial technology for the development of advanced weapons, military and special equipment
  2. Basic technologies of power electronics
  3. Biocatalytic, biosynthetic and biosensor technology
  4. Biomedical and veterinary technology
  5. Genomic, proteomic and post-genome technologies
  6. Cell technologies
  7. Computer modeling of nanomaterials, nanodevices and nanotechnology
  8. Nano-, bio-, information and cognitive technologies
  9. Technology of nuclear energy, nuclear fuel cycle, safety of radioactive waste and spent nuclear fuel
  10. Technology Bioengineering
  11. Diagnostic technologies of nanomaterials and nanodevices
  12. Access technology to broadband multimedia services
  13. Information technology, control and navigation systems
  14. Technology nanodevices and microsystems engineering
  15. Technology of new and renewable sources of energy, including hydrogen energy
  16. Technology acquisition and processing of structural nanomaterials
  17. Technology acquisition and processing of functional nanomaterials
  18. Technology and software and distributed high performance computing systems
  19. Technologies for monitoring and forecasting of the environment, prevent and eliminate pollution
  20. Search technology, exploration and development, mining
  21. Technology in disaster situations - natural and manmade
  22. Technologies to reduce losses caused by social diseases
  23. Technology creating high-speed vehicles and intelligent control systems with new modes of transport
  24. Technology of creation of space-rocket and transport equipment of new generation
  25. Imaging technology electronic components and energy-efficient lighting devices
  26. Technologies create energy efficient transportation, distribution and use of energy
  27. Energy efficiency of production and conversion of energy to fossil fuels
The draft decree was sent out for approval to the State bodies on 20 May, 2011. It was signed into law on 07 July 2011. The above language is a machine translation from Russian to English.

My objective for this post is not to accuse the Russian government of being responsible for one or more of the breaches at the 5 national labs listed above, however when attribution is considered, the RF must be included in the group of state suspects. They provide extensive training to their security services in Information Security TTPs. They have a long history of conducting industrial espionage. And they have a critical need for some of the research that's being conducted at the targeted labs. That's not enough to "convict" anyone, but its certainly enough to make the Russian Federation and its Eastern European hacker crews "persons of interest".

Related Posts:
Three U.S. National Labs Attacked On July 1
The 2011 Russian Federation Information Security Reference