A cyberattack on a U.S. nuclear laboratory in October, reports the Department of Homeland Security, has links to China.
A confidential memo, obtained by The New York Times, from the United States Computer Emergency Response Team identified the phishing attacks as emanating from Internet addresses in China.
The attack against the Oak Ridge National Laboratory, reports the Times:
...did not compromise classified information, though they acknowledged that they were still working to understand the full extent of the intrusion.... According to a letter to employees written by the laboratory’s director, Thom Mason, an unknown group of attackers sent targeted e-mail messages to roughly 1,100 employees as part of the ruse.
Lab employees were sent seven phishing emails "all of which at first glance appeared legitimate," said Mason. The lab believes 11 employees eventually opened the phishing emails. By opening the emails, the employees unknowingly allowed the phishers to gain access to a database that held personal information of lab visitors from 1990 to the present.
The US-CERT warning advised caution, saying just because the attacks seem to have come from China does not mean necessarily that they did. Historically, phishers have disguised their location by compromising Chinese computers and using those computers to attack their target.