Posted on 09/16/2008 3:56:41 AM PDT by Renfield
A group of Greek hackers broke into the particle accelerator's systems just as scientists were turning it on in front of the world's media
Monday, 15th September 2008
Even as the scientists at CERN, the centre for nuclear research, were switching on the Large Hadron Collider (LHC) particle accelerator under Geneva last week, a group of Greek hackers were one step away from controlling a 12,500-ton electromagnet that serves as one of the machine’s four detectors.
The intruders posted a lengthy note in Greek on the machine’s network introducing themselves as ‘the Greek Security Team’, mocking the system’s poor security and calling the IT staff responsible for it “a bunch of schoolkids.”
The hackers said they had no intention of interfering with the operation of the LHC, but added, “We're pulling your pants down because we don't want to see you running around naked looking to hide yourselves when the panic comes.”
Scientists fighting off the attack on the ‘Compact Muon Solenoid Experiment’, which is competing with the Atlas detector to find evidence of the Higgs boson particle, reportedly described the intrusion as “a scary experience”.
"It is hard enough to make these things work if no one is messing with it,” an insider told The Daily Telegraph.
While only one existing file was damaged, half a dozen were reportedly uploaded and had to be carefully studied before deletion in order to avoid potential back-door threats.
"It was quickly detected and there seems to be no harm done,” said CERN spokesperson James Gillies. “From what we can tell, it was someone making the point that CMS was hackable."
LLS
They have upgraded their security. The network name was changed from Linksys to Hadron and the login info was changed from “admin:password” to “big:bang.”
It’s much more secure now.
heheh...hacked by the G(r)eek Squad...
Well, data analysis is a different subject. If you’re in Chicago, I imagine you work at Fermilab.
Anyway, it appears to me that you don’t need to analyze data “real time” which would require remote access. Seems to me all you need is the raw data shipped to you. It’s pretty easy to set up a one way link that moves data.
I have to admit, you’re looking at cutting edge stuff and I look forward to seeing the results of the experiments.
I might even understand the results of the experiments, if Leon Lederman’s book “The God Particle” isn’t completely outdated.
Just to give you an example of security issues, a lot of people consider it a major inconvenience changing their password once a year, let alone every three months. And three months is what I consider the MAXIMUM interval one should have on a network.
On top of setting password change intervals, try getting people to use complex passwords. These tend to be fairly simple, Upper and lower case letters along with numbers, minimum length of 6 digits. Yet, people, especially people with clout, consider this to be too much trouble.
The above steps are basic security measures, but this is enough for people to accuse IT of being paranoid.
As an IT person, you should know the original purpose in setting up the "Internet" was to facilitate communications between US university libraries and government sponsored research laboratories. The thought being to make electronic copies of research abstracts and results generally available to people working in similar areas of advanced scientific study but widely separated geographically. Such studies include high energy physics, making a connection to the CERN accelerator almost a given. Other labs so connected are Los Alamos and Sandia Labs.
The Internet has grown way past anything envisioned by the founding organizations and has truly become "the worldwide web". What amazes me is that it's main function now seems to be disseminating pornography, commercial enterprise, a soap box for every crackpot blogger, and an unending supply of lame jokes. We truly have progressed from the sublime to the ridiculous in one generation.
Regards,
GtG
PS I agree with you regarding the security of their connection, it was appallingly lax and heads should roll because of the breach.
I am not aware of that story about hacking al-qaeda. If that’s true, then I’d agree with you 100% that would be a terrible thing for the CIA to do. Unfortunately, as most people have come to realize (on both sides of the aisle), the CIA has long been a government unto itself. They’ve spent the last 8 years trying to undermine Bush, so I don’t put it past them to do something like that.
We could have a spirited discussion which would basically involve denotation versus connotation when it comes to the internet.
Anyway, yeah, I have to grant you your point when it comes to original intent, whereas I tend to think of what it currently is.
That aside, if all you are doing is moving raw data, it’s easy enough to set up a one way connection, or, upload the data to a “data clearinghouse” server which can then be accessed by those who want to look at or download the data.
I’m quite sure the computer infrastructure is set up the way management wanted it, over IT’s objections.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.