News Article: LHC Website Defaced

[Ehtyar]

The website of the Large Hadron Collider has had its homepage defaced by Greek hackers claiming to be 2600.

Hackers have mounted an attack on the Large Hadron Collider, raising concerns about the security of the biggest experiment in the world as it passes an important new milestone.

The scientists behind the £4.4bn atom smasher had already received threatening emails and been besieged by telephone calls from worried members of the public concerned by speculation that the machine could trigger a black hole to swallow the earth, or earthquakes and tsunamis, despite endless reassurances to the contrary from the likes of Prof Stephen Hawking.

Full Story

Ehtyar.

[Deozaan]

Paranoid, neurotic geeks? I never would have guessed it!

[f0dder]

It's somewhat scary that they were able to break into one of the LHC-related systems. Sure, this might only have been a web frontend/whatever, and the rest of the internal network might have been much better protected, firewalled, partitioned into subnets etc... but the hackers got into one machine, and the story hints that mission-control computers would have been reachable from that machine.

When do people learn that you should never have mission-control stuff reachable from internet-facing boxes? It's pretty damn scary that some of the SCADA grids are reachable from the net.

[Deozaan]

What's a SCADA grid? What could they do to the LHC that would make it dangerous or whatever?

[Ehtyar]

What's a SCADA grid? What could they do to the LHC that would make it dangerous or whatever?

-Deozaan (September 14, 2008, 06:06 PM)

I believe f0dder is referring to the LHC's Supervisory Control And Data Acquisition grid, and indeed he has a very good point. You'd think of all places that ignore security, the LHC would not be one of them.
Surely you can imagine someone managing to cause some damage with the worlds largest particle accelerator at their control.

Ehtyar.

[Deozaan]

I believe f0dder is referring to the LHC's Supervisory Control And Data Acquisition grid, and indeed he has a very good point. You'd think of all places that ignore security, the LHC would not be one of them.
Surely you can imagine someone managing to cause some damage with the worlds largest particle accelerator at their control.

Ehtyar.

-Ehtyar (September 14, 2008, 06:18 PM)

I didn't realize that the computers that control the LHC were at risk. I thought it was just data or website computers that were compromised.

[f0dder]

Deozaan: the system they broke into (public-facing not-so-important stuff) is, as far as I can tell from the article, linked to control systems as well. Probably on different subnets with firewalling, other user credentials et cetera, but if they're connected they can be broken into.

SCADA is the kind of stuff used to control power grids, railway stuff, etc. Used to run on physically separate networks with dedicated access terminals, but since that was a bother, some of them are now routed across the internet (SCADA protocol encapsulated in IP packets). And some of the still physical separate systems are accessed through client applications on normal workstations that are internet-connected, which means if you break into one of those boxes, you can use it as a gateway to the SCADA grid.

So theoretically you might be able to shut down power plants, mess with railway traffic, etc. And iirc some security consultants have already demonstrated that they could mix a little hacking and social engineering, and access a power grid control remotely...

[Deozaan]

f0dder: Scary stuff! It's like "Live Free or Die Hard" happening in reality!