TMCnet News
China again tops foreign visitor rolls at ORNLOAK RIDGE, Feb 27, 2013 (The Knoxville News-Sentinel - McClatchy-Tribune Information Services via COMTEX) -- Oak Ridge National Laboratory is an important player in the world of science, and scientists from more than 100 foreign countries visited the Oak Ridge campus last year, led -- once again -- by a large contingent from China. Nearly a fourth of ORNL's 7,706 foreign visitors in 2012 came from China. The 1,760 guests from China were more than twice as many as the next country, India, and far more than any other country -- a situation that has existed for at least five years, perhaps longer. Chinese scientists come to Oak Ridge to collaborate and exchange ideas with researchers from around the globe and to take advantage of the Spallation Neutron Source and other world-leading research facilities. ORNL works on open science projects with a number of institutions in China's burgeoning research-and-development enterprise, which is pouring billions of dollars into nanoscience labs, high-end supercomputing and development of nuclear and alternative-energy sources. Now more than ever, however, China is being accused of broad-based cyber espionage, and there are hints that the cyber attacks to gain economic advantage could begin to erode science relationships. Lab Director Thom Mason said as much this week when asked about the strong presence of Chinese scientists at Oak Ridge, as well as the possibility that China could have been behind a disruptive cyber attack on ORNL systems in 2011. "We are interested in collaborative R&D in scientific areas (of) mutual interest, but it becomes increasingly difficult in an environment where we are under attack," Mason said. Mason said the lab needs to work with the best in order to achieve great science, but also said lab officials need to "have open eyes about the risks." Concerns were validated by a report released last week by U.S. information security firm Mandiant, which implicated teams based in China with attacks on more than 140 U.S. and English-speaking businesses and organizations and suggested the Chinese government was aware of the activities and likely supporting them. The Mandiant report focused particular attention on one of the so-called Advanced Persistent Threat units, which the cybersecurity firm referred to as APT1. More than 20 APT groups conducting attacks and stealing information allegedly have their origins in China, and Mandiant said the prolific APT1 team may be affiliated with the People's Liberation Army in China. "The activity we have directly observed likely represents only a small fraction of the cyber espionage that APT1 has conducted," the report said. "Though our visibility of APT1's activities is incomplete, we have analyzed the group's intrusions against nearly 150 victims over seven years ... Our analysis has led us to conclude that APT1 is likely government-sponsored and one of the most persistent of China's cyber threat actors." Mason noted that there were "similarities" between the sophisticated Advanced Persistent Threat attack at ORNL in 2011, which forced the lab to shut down Internet access for days and take other extraordinary measures to cleanse the computer systems. Experts from the nation's top cybersecurity units joined in the investigation. Asked if they concluded ATP1 was responsible for the ORNL attack, Mason indicated that's hard to say. "Everyone uses different nicknames for things so I have no idea if what Mandiant called APT1 and 'comment crew' is the same as our APT or the same set of actors," Mason said. "But the overall pattern is consistent. As we said at the time, the attack had all the hallmarks of a sophisticated nation-state activity. There are a limited number of countries that have such capabilities and, as the recent reports have highlighted, China is a major player (if not the major player) in this area. "I think one of the messages to China coming out of the recent attention on this topic is that the level of activity has reached a point where there are starting to be consequences for the relationships with government and industry in the U.S." Mason said ORNL was fortunate in 2011 that it intervened before there was a major removal of data from the lab's systems. The reality of today's world is if you have valuable information, somebody is going to come after it, the ORNL director said. "If no one was trying to get into our systems then I'd know we had fallen off the pace of innovative science and technology to the point we had nothing of value. Hopefully, sequestration notwithstanding, we'll never get to that state." Working with visitors from China and other countries is important, especially in areas of science where results will eventually be published in the open literature, Mason said. He noted that foreign visitors, especially those from sensitive countries such as China, are subject to background checks in advance of visits and have restrictions on where they can go during their time at ORNL. "So, having people visit the lab under that rubric doesn't really represent any additional vulnerability," he said. Mason concluded: "In some sense, it's better to have a structured collaboration where we understand who's doing what and where we choose to collaborate and where not to collaborate. Because closing ourselves off to a significant and growing chunk of the world's R&D would be more harmful to us in the long run." ___ (c)2013 the Knoxville News-Sentinel (Knoxville, Tenn.) Visit the Knoxville News-Sentinel (Knoxville, Tenn.) at www.knoxnews.com Distributed by MCT Information Services |