The Telegraph is reporting that attackers have defaced a Web page on the Compact Muon Solenoid Experiment Monitoring (CMSMON) system that monitors the fallout from the big bang experiment presently taking place beneath CERN.
Greek Security Team defaces CMSMON portal.(IMG:J.Anderson)
The question that should stand out is why this system was public faced. CERN scientists said the attackers were “one step” away from the control system that operates one of the huge magnets used in the gargantuan machine.
"There seems to be no harm done. From what they can tell, it was someone making the point that CMS was hackable," said James Gillies, spokesman for CERN. "It was quickly detected. We have several levels of network, a general access network, and a much tighter network for sensitive things that operate the LHC."
Yet if the network is segmented, why was there only one layer between the CMSMON and the tighter network for sensitive controls?
The group that performed the defacement is the Greek Security Team. As seen in the image below, the attackers performed a normal defacement by means of switching out files. Systems checks showed that no other malicious files were left behind, and the site (cmsmon.cern.ch) was restored and taken out of public view.
There has been a lot of coverage given to CERN's scientific tests surrounding the recently unveiled Large Hadron Collider (LHC), and also notable fears about the overall big bang experiment itself.
However, what damage could have been done if the attackers had managed to break through past the CMSMON into the other system? How high was the risk that the Greek Security Team could have accessed other systems and ruined the multi-billion dollar LHC's chances of uncovering some of the scientific secrets of our universe?
Apparently the risk was low. "We think that someone from Fermilab's Tevatron had their access details compromised," a CERN scientist relayed to The Telegraph. "What happened wasn't a big deal, just goes to show people are out there always on the prowl."
To address security for the more than 100 control systems utilised at CERN, officials have set up a working group called 'Computing and Network Infrastructure for Controls'. They will oversee the security measures used, and continuously refine them. According to CERN, they use a defense-in-depth approach to deal with network security. This is why they have segmented the network as they have, only it looks as if they missed some steps along the way.
At the end of the day, what do we have? A high-profile subject with forward-facing Web access was defaced, and those who still maintain the end of the world is near have yet more ammo for their arguments.
Other TTH coverage concerning the Large Hadron Collider can be found here, here, and here.
Interested in a more interactive TTH? Join our Facebook Group Want regular updates from The Tech Herald? Follow us on Twitter
Advertising
Comment on this Story