Greek Hackers Invade LHC… Nothing Much Happens

LHC computing is some of the most advanced in the world... but it can still be hacked... (CERN)
The LHC computers are some of the most advanced in the world... but they can still be hacked... (CERN)

As the Large Hadron Collider (LHC) circulated its first beam of particles last Wednesday, there was an electronic battle being waged inside the computer systems of the Compact Muon Solenoid Experiment (CMS), one of the four LHC detectors. The detector’s monitoring systems (CMSMON) were compromised and Greek hackers were able to upload half a dozen files during September 9th and 10th forcing CMS software engineers to scour all the systems for any more hidden files as the historic LHC “switch on” happened around them. The detector’s website displayed the Greek Security Team‘s (GST) replacement, mocking the poor security of the international particle accelerator facility, CERN.

This chain of events will of course raise a few eyebrows as to how this could possibly have happened at the multi-billion pound experiment (after all, CERN was the birthplace of the World Wide Web back in 1991), but the LHC is a huge target for hackers, if there’s a flaw, someone will eventually exploit it. CERN officials have pointed out that the security breach did not affect any experiment-critical systems, but there was bound to be some worried faces at CMS last week…

As soon as the dust settled after the big LHC event last week, news appeared that Greek hackers had found CERN’s electronic Achilles Heal: CMSMON. With thanks to David Gamey for drawing my attention to this, according to reports on Friday (that I’ve only just had time to read… as I was getting married at the time!), the hackers – calling themselves the “Greek Security Team” – slipped past non-critical systems, calling CERN’s software engineers, “a bunch of schoolkids.” They had uploaded six files and caused minimal damage to the LHC systems. In a long bragging note on the CMS website (www.cmsmon.cern.ch – currently offline), the faceless members of the GST pointed out they were “…pulling your pants down because we don’t want to see you running around naked looking to hide yourselves when the panic comes.” By the looks of things, the GST had a lot of other things to say, but I neither have the time or the Greek-reading ability to find out what they did say.

Although the team neglected to specify where the security flaws were, they did say in one of the documents they uploaded, “Recent events show that computer security issues are becoming a serious problem also at Cern.”

The web page the hackers left behind at www.cmsmon.cern.ch
The web page the hackers left behind at http://www.cmsmon.cern.ch

While I’m mildly impressed by the GST’s attack on the LHC, I’m also a little disappointed they haven’t made their intent very clear. Like many hacking escapades, these are intelligent individuals with too much time on their hands showing off their security-evading techniques. Often, like this self-professed web security team, they claim their existence is required to seek out flaws in systems protecting valuable data in the hope of the owner upgrading their firewalls. When I first read about this, I was perversely hoping for a little more. Perhaps Walter Wagner had found a way to stop the “doomsday machine” himself? Or the People for the Ethical Treatment of Hadrons (PETH) were trying to electronically mount a quark prison break? But no, just a few guys showing off, proving to the world they are geeky Greeks on a mission to rid the world of faulty firewalls…

Where have all the activists gone? Judging by the furore churned up in the run-up to September 10th, I thought the doomsayers were actually going to do something rather than lodging piecemeal lawsuits that were never going to succeed.

Alas, even if Otto Rossler and the GST teamed up, they wouldn’t get far. Although this event will have frustrated CERN technicians, it is unlikely that they would have gotten any further than crashing a website. CERN practices a defence-in-depth strategy, where control network layers are firewalled and password protected. Generally this system is safe from attacks on the outside, but should malicious software find its way into CERN via an unwitting employee (perhaps through a USB device or laptop – much like the Space Station worm in August), the first line of defence could be compromised. CERN believes the security details of a US worker at Fermilab’s Tevatron may have been stolen, allowing the hackers access to the LHC.

It would appear it is business as usual at CERN and the LHC commissioning is accelerating nicely before the first particle collisions in October, so I’ll leave you with an inspiring image from the CMS as a beam of protons entered the detector on Wednesday, hitting the collimator blocks. You can see the debris from the low energy collisions making an impressive pattern, imagine what the scene will look like during a 14 TeV collision!

Debris from particles hitting the collimator blocks were detected in the calorimeters and muon chambers (CERN/LHC/CMS)
Debris from particles hitting the collimator blocks were detected in the calorimeters and muon chambers (CERN/LHC/CMS)

Source: Telegraph report by Roger Highfield

Advertisements

10 thoughts on “Greek Hackers Invade LHC… Nothing Much Happens”

  1. i think that GST , DID NOT call CERN’s software engineers, “a bunch of schoolkids” but some other greeks, critiscising them for “messing around” on the internet, calling themselfs hackers as well instead of doing something usefull and serious as GST did!!
    that’s what i understood from the defaced site and i would like to ask you to correct the article if possible.

  2. the phrase “…pulling your pants down because we don’t want to see you running around naked looking to hide yourselves when the panic comes.” DOES NOT refer to the cern’s engeneers either (according to what i understood by reading the Greek text…)

  3. @STV:-
    Well, according to the source material written by Roger Highfield (Telegraph), what I wrote is accurate. It’s strange for a group of hackers to gain access to a secure area only to accuse other hackers of being a bunch of kids. According to the source, the text is translated as being directed at CERN technicians. Until you can find me alternate sources backing up your correction, I won’t change the article. Sorry.

    Thanks for stopping by,

    Ian 🙂

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s