The alarm bells started ringing this week after the Hadron Collider at CERN went online. But, not for any problem with the system itself. Rather, a website related to it was defaced.
From The Telegraph:
Now it has emerged that, as the first particles were circulating in the machine near Geneva, a Greek group had hacked into the facility and displayed a page with the headline “GST: Greek Security Team.”
The people responsible signed off: “We are 2600 – dont mess with us. (sic)”
The website – cmsmon.cern.ch – can no longer be accessed by the public as a result of the attack.
This normally wouldn’t be too much of a problem however the network hosting the webserver was a little too close to this behemoth of a machine. How close you ask?
If they had hacked into a second computer network, they could have turned off parts of the vast detector and, said the insider, “it is hard enough to make these things work if no one is messing with it.”
Fortunately, only one file was damaged but one of the scientists firing off emails as the CMS team fought off the hackers said it was a “scary experience”.
Um, whut?
Why isn’t this 3 billion € machine segregated? This seems to be akin to attaching a SCADA network to the internet. Not this wisest idea. So what was this website running on before it got taken down? Well, as of Sept 10th it was reporting “Apache/2.2.4 (Unix) DAV/2 proxy_html/2.5 mod_jk/1.2.20 mod_ssl/2.2.4 OpenSSL/0.9.8d ” on Netcraft. Well, running a pwnable version of Apache is a good indication of how they got access.
So, CERN, looking for some infosec staff?
🙂
For the full article read on.
[tags]CERN, Hadron Collider, CMS, Defacement[/tags]
