 |
|
DAILY NEWS AND INFORMATION
FOR THE GLOBAL GRID COMMUNITY /
|
Special Features:
GRID ATTACKS RAISE CONCERNS AMONG
SECURITY EXPERTS
Security experts are concerned over recent attacks on Grid-based
supercomputers at colleges, universities and research institutions which have
resulted in online network research crashes. Can these machines now be used to
infiltrate certain Web sites or parts of the Internet?
As many as 20 institutions were targeted, according to two sources who work
at
facilities affected by the attacks. Both asked that their names be withheld
because they are aiding the ongoing investigation and fear that officials at
other institutions may refuse to cooperate if they believe they could become
the subject of media coverage.
One powerful research computing project affected by the attack was
TeraGrid,
a
network of computers funded by the National Science Foundation and used to
conduct intensive data-crunching projects such as weather forecasting and
genome sequencing.
The attacks prevented some researchers from using the grid for up to five
days
last week as investigators assessed the damage, said Pete Beckman, director of
engineering at Argonne National Laboratory, a U.S. Department of Energy lab
operated by the University of Chicago. Beckman said several systems were hit
at the lab, which maintains sites in suburban Chicago and Idaho.
Hackers also broke into TeraGrid systems at the National Center for
Supercomputing Applications (NCSA) at the University of Illinois and the San
Diego Supercomputer Center (SDSC) at the University of San
Diego-California.
The hackers' identities remain unknown. None of the systems were
permanently
damaged, but the hackers gained the ability to control the various networks
for at least short periods of time.
With that much computing power at their disposal, the hackers could have
launched an assault capable of disabling large portions of the Internet, said
Russ Cooper, a chief scientist with Herndon, Va.-based TruSecure Corp.
Even harnessing the power of one high-performance computer on a high-speed
research network could give intruders the attack resources equal to hundreds
-- if not thousands -- of desktop computers, Cooper said.
"This could be a wake-up call to what should be very, very secure computing
environments, because these machines should never have been compromised."
The FBI contacted officials at the schools, according to Beckman and Tina
Bird, a computer security officer at Stanford University. FBI spokesman Paul
Bresson declined to comment on whether an investigation is underway.
The Department of Homeland Security, which is responsible helping guard the
nation's critical information and communications systems, also declined to
comment.
The incident underscores years of warnings from cybersecurity experts in
the
government and private sector that the United States could suffer a major
electronic attack at the hands of ever more sophisticated online criminals. In
June 2002, The Washington Post reported that U.S. intelligence agencies had
monitored al Qaeda operatives probing computer systems at dams, power plants
and other critical infrastructure facilities.
Bird said the attackers appear to have sought out machines in academic and
high-performance computing environments.
Technicians at Stanford, which is not part of the TeraGrid network,
quarantined at least 30 computers after the attack. It targeted computers
running versions of the Linux and Solaris operating systems that were
vulnerable to several recently discovered software flaws.
After posting her findings on Stanford's Web site last week, Bird said,
systems administrators at other academic institutions contacted her to report
similar intrusions. She would not say how many notices she received or what
schools reported attacks.
"This incident is definitely giving us an opportunity to reevaluate the
maintenance and protection we provide to our Unix systems," Bird said. "When
you're completely focused on widespread attacks on [Microsoft] Windows
systems, it's certainly startling."
The National Center for Atmospheric Research in Boulder, Colo., took
several
of its systems offline after they were compromised by the hackers. Al Kellie,
the center's scientific computing director, said that the problem "is
apparently occurring at many institutions around the country."
Kellie said the center suspended access to its supercomputer network after
the
attack. It is not scheduled to go back online until next week.
Karen Green, spokeswoman for the NCSA at the University of Illinois, said
she
observed no adverse results from the attacks.
"There wasn't any classified data involved, and I haven't heard of anyone's
scientific data being compromised," she said.
The intruders gained access to a number of the San Diego center's systems
over
a four-day period this month, said SDSC spokeswoman Ashley Wood. In each case,
Wood said, the systems were inspected by SDSC officials and patched so that
the hackers could not gain access again.
Security breaches on TeraGrid and other supercomputers could result in
losing
valuable research time and data, as well as hackers getting hold of
confidential data, said Scott Fendley, a security analyst for the University
of Arkansas-Fayetteville. The university was not affected by the attacks.
Fendley said attackers also could use the machines to knock other networks
offline with large data blasts. It would be similar to a February 2000 case
where a Canadian juvenile commandeered high-speed computers at University of
California-Santa Barbara to knock Amazon, eBay, CNN.com and other Web sites
off-line for hours.
"I'm sure there are bigger targets, but I hope that someone is really
keeping
an eye on those," he said. "Once you get past [San Diego] supercomputer
complex, the next large clusters I'm aware of are government or military
owned."
Beckman, however, said it seems like the attackers tried to do little more
than see how much access they could get.
"This is more like what happens at an airport when a small security
infraction
closes down an entire terminal," he said. "It's annoying and frustrating, but
little real or lasting damage was done here."
|