Hackers deface LHC site, came close to turning off particle detector


Is it now cyberwar over atom-smashing? A team of Greek hackers calling themselves Greek Security Team has penetrated the Large Hadron Collider and defaced a public website. No real damage done, but the hackers got perilously close. The hackers attacked the Compact Muon Solenoid Experiment, or CMS. The Guardian reports:

Scientists working at Cern, the organisation that runs the vast smasher, were worried about what the hackers could do because they were "one step away" from the computer control system of one of the huge detectors of the machine, a vast magnet that weighs 12,500 tons, measuring around 21 metres in length and 15 metres wide/high.

If they had hacked into a second computer network, they could have turned off parts of the vast detector and, said the insider, "it is hard enough to make these things work if no one is messing with it."

Fortunately, only one file was damaged but one of the scientists firing off emails as the CMS team fought off the hackers said it was a "scary experience".


The hackers breached the CMSMON system, which monitors the CMS software system. CMS takes vast amounts of data during collisions. About CERN's security apparatus:

Cern relies on a 'defence-in-depth' strategy, separating control networks and using firewalls and complex passwords, to protect its control systems from malicious software, such as denial-of-service attacks, botnets and zombie machines, which can strike with a synchronised attack from hundreds of machines around the world.

However, there have been growing concerns about security as remote or wireless access, notebooks and USB sticks offer new possibilities for a virus or worms to enter the network, not to mention hackers and terrorists who might be interested in targeting computers to shut down the system.

Update: Received the following comments from Andrew Storms, director of security ops at nCircle Network Security: It's always difficult for outsiders to understand what may have really happened without the first-hand technical recount of the events. However, two things we can always count on -- 1) the higher value targets will receive more attention from hackers 2) the more sophisticated hackers won't be knocking on the front door.

If it's true that the access vector was a Fermilab worker who had their access information compromised, then this points to the higher level of sophistication of the hackers. They knew that the front door would be locked, so they probably targeted a trusted individual who would have access to the LHC networks.

It's important to note that the compromise probably began with a human. We are more than often the fault for most system compromises. Hackers know this and have actively been targeting people for years now, with the understanding that they may unknowingly give the attackers access to what they seek.

Even those with PhDs and deep understanding of higher level mathematics and physics are prone and susceptible to computer and information security intrusions.



Talkback

  • Hackers

    From hackers like these something terrible might happen.
    Even if everything is ironed up perfectly and runs smoothly, an accident can happen due to this kind of people. Why do they have to stick their fingers in something that doesn't belong to them.

    A (really friendly) advice to the hackers. Fill in a complaint, sue them, do the same in a legal way.
    Plus, the LHC has been building for six and a half years. What have you been doing all that time. Whatever you do now is useless.
    moondowner
    • Re

      Actually, if you read the message they left behind, you'll see that the only purpose of hacking into the system was to show the lack of security in the servers of CERN, the incapability of the people responsible for security and to show off to their competitors. They had no intention to cause any trouble. If they had, the CERN team would be in deep shit right now...
      ghost_ghost
  • That's all we need

    some bunch of fanatic maniacs getting into the control system of something that could possibly create another big-bang right here on earth. These freaks need to be hunted down and put away forever.

    NAB :-)
    nabisho
  • RE: Hackers deface LHC site, came close to turning off particle detector

    Why does the control system have to be online? Wouldn't it be safer to have the control system offline?
    drand54@...
    • well,

      they could have just used macs or linux based computers, and
      actually done a good job, instead of piece of shit windows
      computers and messing around like asshats.
      ican'tbelieveihavetoregisterforthisstupidsite
      • and you know what they use how?

        Anyway, yes they could have used Macs or Linux. Everyone knows no one can hack those.

        You should go work for LHC and bring your expert advice along.
        tikigawd
        • total fallacy

          "they could have used Macs or Linux. Everyone knows no one can hack those."

          I'm sorry tikigawd, but that statement shows a worrying lack of knowledge on the topic of OS security.

          Most flavours of Linux can be very easily exploited and hacked, as anyone with a working knowledge of SAINT or a myriad of other tools will know. Check out http://www.linuxsecurity.com/ for more info.

          As for hacking Apple, it's quite possible, it just costs you 3 times as much while making you look cooler :D Check out http://www.machacking.net/ for more info....

          Of course it's done, it's just that as micro$oft is a bigger target and more popular, you only ever seem to hear about windowz getting hacked all the time, but the thought that Mac and Linux are unbreakable is a total fallacy.

          So don't just blindly presume, you're only continuing an untruth distributed mainly by untrained and ill-informed newspaper journalists, and 1st year Computer Science students that think they know everything cos they can spell Linux...try looking things up first..... you know what they say about presumption....about it being the mother of all f***ups :D
          2WiReD
          • yup

            and what's funny is that Apple has been releasing massive security patches, funny how that coincides with Apple's increasing market share. Mac OS X is now really just another flavor of linux running on a pc anyways.
            shadfurman
      • only an idiot would believe that.

        It would take a real idiot to believe that a Mac is more secure than windows. But I guess if you don't know something it is easier to speak without thinking about what a fool it makes you look like.
        trundor1@...
        • "idiot"

          hey buddy, how about correcting misinformation rather than just putting someone down without backing up your viewpoint? it'll help make the world a better place for all, ya know
          2WiReD
          • ID-10-T...! Indeed...

            Gee.. How soon they forget... <sigh>

            Just think back a short while to the last Pwn2Own contest... The first computer to fall was <insert drumroll here>... The Mac!

            DOH!
            Wolfie2K3
        • Idiot

          The only idiot here is rbslack.
          Mac OS X is basically UNIX, which is MUCH more secure
          than Windows.
          AzuMao
          • uhhuh...

            whatta base that on? ANY computer system is only as secure as those administering and using it. I hacked my internet provider when I was fourteen (and not all that smart) he was running linux, which I had no previous experience with. He'd been doing linux administration for years. But he made a couple stupid mistakes and me dinkering around found his unshadowed password file and three days of running it against a wordlist I had a root account. Yet it took me almost a month to hack my dad's account on NT 3.5.1 to disable cyberpatrol so I could look at porn. My only point... there isn't more or less secure when it comes to OS's only smarter or stupider users and admins. (that's why Vista's UAV is so irritating cause it's made for stupid users)
            shadfurman
          • Yes

            Obviously all systems are vulnerable to user error.
            That's not the question.
            The question is, which one is less likely to get
            hacked when there isn't user error.
            AzuMao
      • Re

        Actually, it is Linux using Oracle for the database (as far as I've figured out):

        http://4.bp.blogspot.com/_X4lfqpxxOCQ/SM-UW2F7riI/AAAAAAAABB0/sGaE3-kDe4Q/s1600-h/gst-greek-security-team.jpg

        Take a look at the processes the hackers mention and the user_id for each process...
        The rest is in greek so it may seem greek to you but not for me!!! (kidding) :)

        You can double check it here:
        http://platonic.techfiz.info/2008/09/11/linux-powered-large-hadron-collider/

        "... believe it or not Large Hadron Collider (LHC) runs on “Linux”."


        No matter what OS you use, you can never be safe. The only way is to know what to do in order to be safe...
        ghost_ghost
        • Exactly

          Even Linux wasn't designed to protect itself from its
          own owners.
          People should stop being stupid.
          AzuMao
    • Why it's online...

      Saw something on this on Science Channel a week or so ago.

      The reason the controls ARE accessible online - so legit researchers can access them from anywhere they happen to be. Researchers, for instance, who are stationed at Fermilab are able to run experiments at the LHC while being able to do their regular duties here in the U.S...
      Wolfie2K3
      • Because...

        Perhaps, because they need someone to blame when they blow up Europe...
        "No man, it wasn't us. It was a team of hackers" they'll say!

        :)
        ghost_ghost
      • Convenience Shouldn't Trump Security

        There really is no excuse for having this online. Those who wish to use the thing should go there. Those who are there and wish to share info from it should have a process for taking that info via USB flash drive or external drive and transferring it to another computer that can then be put online.

        I really wonder sometimes why we have so many unbelievably rich targets, such as the Pentagon, online at all. I recognize that I'm quite ignorant of their needs, but we've set ourselves up for a cyber-massacre and the day will probably come when China takes us out without needing to fire a shot.
        No one special
        • or maybe

          since most really smart scientists are pretty busy... if there was just some janitor guy there and could throw a hard switch with a phone call. of course HE could be hacked too... but it's another level.
          shadfurman