ARCHER, one of the UKs most powerful research supercomputers, has been knocked offline indefinitely due to a security exploitation of its login nodes, in an attack which also affected the wider academic community in the UK and Europe. As a result, all of ARCHERs existing passwords and SSH keys are being rewritten, and a strong warning has been issued against users logging in with existing credentials.
A spokesperson for Edinburgh University, where ARCHER is based, said the institute was currently investigating the issue. On the 11th May 2020 our technology partners were notified of a potential issue that indicated some user accounts may have been misused to gain unauthorised access to the service, they said. Investigations by our technical teams confirmed that a small number of user accounts had been affected so the decision was taken to disable access to allow further work to confirm the extent of the issue.
The university is working with the National Cyber Security Centre (NCSC) and its technology partners to forge a path to recovery and determine when systems can be brought back online. It said that there is nothing to suggest any research, client or personal data was impacted by the attack. A status update on Thursday said that its hoped ARCHER will return to service early next week but that this will be conditional upon the results of diagnostic scans taking place and consultation with NCSC.
Attacks on supercomputers have been rare up until now, but that doesnt mean they are less susceptible than other computers. A supercomputer is not as exotic as it sounds, says Antonios Michalas, assistant professor in the Department of Computing Sciences at Tampere University. Currently, most of the existing supercomputers rely on traditional hardware, with the exception that they have many many resources.
Because supercomputers arent attached to a terminal, theres surrounding infrastructure that allows people to log in remotely. It appears that the attack wasnt levelled directly at ARCHER, but its perimeter. The fact that they are having to change all the passwords and all the SSH keys suggest that somebody somehow managed to get a Secure Shell maybe through somebody having inadvertently given away the keys or the password, says Alan Woodward, a cyber security expert at the University of Surrey. Woodward says if the SSH key was generated by a password, the password could potentially have been obtained in a phishing attack or through a hacked device. Most of these situations are not some terribly clever technical thing, but actually the weak human is the link, he says.
ARCHER is on a range of research projects, such as modelling weather patterns and biomedical data, simulating the Earths climate and designing new materials. But its role in supporting a number of different COVID-19 research projects might have proven a particular draw to hackers.
I am not sure if anyone can say for sure whether this is a targeted attack to either exfiltrate data relating to Covid-19 research or it was an attack to slow the progress of research into Covid-19 by state actors or whether it was simply a indiscriminate scan attack which happened upon the supercomputer, says Kevin Curran, professor of cybersecurity at Ulster University.
Curran believes we can expect more attacks on supercomputers carrying out biological modelling in future. Organised cybercrime and nation-states are able to install malware (often through infected USB & other hardware interfaces) which can reside on air-gapped machines and also use internal communication chips (in the device) to send the data out to the spies receiver outside, he said in an email. Israeli researchers demonstrated how to steal data that bypasses all of these protections using the GSM network, electromagnetic waves and a basic low-end mobile phone. So it is very difficult to protect a targeted asset such as ARCHER.
Shadow digital, science and technology minister Chi Onwurah said: Our research sector is vital to tackling the pandemic, and the ability to run calculations on the UK HPC System of models and forecasts is crucial to leading us all safely out of lockdown. We need urgent clarity on the causes of this breach and what impact it might have on ongoing research into the coronavirus and potential therapies.
She added: Even short delays to modelling can have a large effect down the line, as this can hold up laboratory work, where delays can get compounded due to the strict scheduling required to due to social distancing.
Archer has resided at Edinburgh University since 2013, but is due to be replaced this year with the more powerful Archer2.
See the article here:
Cyber attack knocks UK research supercomputer ARCHER out of action indefinitely - NS Tech
- New Microsoft Ads Take Aim at Mac Pricing - November 8th, 2009 [November 8th, 2009]
- Adobe Flash Comes to TV - November 8th, 2009 [November 8th, 2009]
- Microsoft Introduces Windows 7 Starter Edition - November 8th, 2009 [November 8th, 2009]
- Mac Viruses and Trojans Becoming More Prevalent - November 8th, 2009 [November 8th, 2009]
- Apple ‘Customer Experience’ Continues to Trounce PCs - November 8th, 2009 [November 8th, 2009]
- Seagate Introduces ‘Replica’ Drive to Backup Entire PC - November 8th, 2009 [November 8th, 2009]
- Still Love XP? Run it on Windows 7! - November 8th, 2009 [November 8th, 2009]
- Is Microsoft Ditching Vista? - November 8th, 2009 [November 8th, 2009]
- The Kindle DX: Not Exactly a Textbook Killer - November 8th, 2009 [November 8th, 2009]
- The Smart Shopper’s Guide to Buying a Wireless Router - May 19th, 2010 [May 19th, 2010]
- iTunes 10: So Long, Ringtone Creator - Thanks for the Memories - October 17th, 2010 [October 17th, 2010]
- iTunes 10: So Long, Ringtone Creator – Thanks for the Memories - February 14th, 2011 [February 14th, 2011]
- How to Make Your Laptop Last Longer - February 14th, 2011 [February 14th, 2011]
- Client Build 5 UPDATE: Personal Super Computer 2011 (SR-2 X5690 OCZ Vertex 3 GTX590 Nvidia Tesla) - Video - March 29th, 2012 [March 29th, 2012]
- Super Micro Computer, Inc. Announces 3rd Quarter 2012 Financial Results - April 25th, 2012 [April 25th, 2012]
- Super Micro Computer Q3 Profit Slips - Quick Facts - April 25th, 2012 [April 25th, 2012]
- Super Computer Maker Cray and Intel strike Partnership - April 25th, 2012 [April 25th, 2012]
- Super Micro Computer Q3 12 Earnings Conference Call At 5:00 PM ET - April 25th, 2012 [April 25th, 2012]
- Herd mentallity and the information super highway - Video - April 25th, 2012 [April 25th, 2012]
- Brain vs. Computer - Video - May 4th, 2012 [May 4th, 2012]
- Minecraft World First - Most wanted redstone device - Video - May 4th, 2012 [May 4th, 2012]
- PS3 Jailbreak Tutorial 4.11 WORKING - Video - May 4th, 2012 [May 4th, 2012]
- China's Tianhe-1 supercomputer begins operations - Video - May 4th, 2012 [May 4th, 2012]
- June 2011 TOP500 Review looks at Japan's K Supercomputer - Video - May 4th, 2012 [May 4th, 2012]
- Super Vision for Soldiers - May 5th, 2012 [May 5th, 2012]
- The Super Sonic Show Episode 0-Computer Help - Video - May 7th, 2012 [May 7th, 2012]
- Why Super Micro Computer's Earnings May Be Less Than Awesome - May 10th, 2012 [May 10th, 2012]
- Magnetic bacteria may help build computer hard drives - May 10th, 2012 [May 10th, 2012]
- SUPER WHY! Around the World Adventure Kicks off PBS KIDS Summer Learning Initiative This June - May 10th, 2012 [May 10th, 2012]
- Tutorial SUPER COMPUTER girl 3750 sylvia Vs fem game 4 (3550) - Video - May 10th, 2012 [May 10th, 2012]
- SUPER COMPUTER Wii best 3750 sylvia Vs learn chess 4 (3550) - Video - May 10th, 2012 [May 10th, 2012]
- SUPER COMPUTER girls city 3750 sylvia Vs RYBKA 4 (3550) - Video - May 10th, 2012 [May 10th, 2012]
- John Laban - Open University Super Computer Room - Video - May 10th, 2012 [May 10th, 2012]
- Can A Super Computer Save Banking? Part 2 of 2 - Video - May 10th, 2012 [May 10th, 2012]
- Supermicro® Launches Widest Range of UP Server Platforms Supporting Intel® Xeon® E3-1200 v2 - May 16th, 2012 [May 16th, 2012]
- Supermicro® Debuts New X9 DP and 4-Way MP Platforms - May 16th, 2012 [May 16th, 2012]
- Supermicro® Launches Widest Range of Server Platforms Supporting Intel® Xeon® E3-1200 v2 - May 16th, 2012 [May 16th, 2012]
- Invention kit for banana pianos, alphabet soup keyboards - May 16th, 2012 [May 16th, 2012]
- A few errors could be key to super-efficient computer chips - May 20th, 2012 [May 20th, 2012]
- Supermicro® Highlights Latest GPU SuperServer®, SuperBlade® and ... - May 20th, 2012 [May 20th, 2012]
- Kontron HPEC Platform Chosen by Military Embedded Systems Magazine for Editor's Choice Award - May 20th, 2012 [May 20th, 2012]
- Raspberry Pi to rebirth an era of Woz-like super creativity? - May 20th, 2012 [May 20th, 2012]
- Taste and tale of success - May 20th, 2012 [May 20th, 2012]
- 1 Reason to Expect Big Things From Super Micro Computer - May 25th, 2012 [May 25th, 2012]
- Bump's Super Popular App Just Got A Million Times Cooler With Its Latest Update - May 25th, 2012 [May 25th, 2012]
- Is The Computer 'Cloud' Compromising You Privacy? - May 26th, 2012 [May 26th, 2012]
- Super MP3 Download 4.8.2.6 - May 28th, 2012 [May 28th, 2012]
- Radiohead's Kid A and OK Computer, Now in 8-Bit - May 29th, 2012 [May 29th, 2012]
- ASUS P6T7 WS Super Computer MoBo - Video - May 29th, 2012 [May 29th, 2012]
- Photonic Super Computer 2012 - Video - May 29th, 2012 [May 29th, 2012]
- Kaspersky discovers super-complex Flame malware - May 30th, 2012 [May 30th, 2012]
- Supermicro® X9 5x GPU SuperWorkstation Delivers Maximum Performance with NVIDIA Maximus Certification - May 30th, 2012 [May 30th, 2012]
- Super-virus Flame raises the cyberwar stakes - May 30th, 2012 [May 30th, 2012]
- Super-stealthy ‘Flame' computer virus spies on Iran - May 31st, 2012 [May 31st, 2012]
- Super-stealthy ‘Flame' computer virus spies on Iranians - May 31st, 2012 [May 31st, 2012]
- Was flame virus written by gamers? Code similar to apps such as Angry Birds - May 31st, 2012 [May 31st, 2012]
- Massive cyber attack on Iran came from U.S., report says - June 2nd, 2012 [June 2nd, 2012]
- Massive cyber attack on Iran came from US, report says - June 2nd, 2012 [June 2nd, 2012]
- Supermicro® Exhibits its Latest X9 Server and Storage Innovations at Computex, Taiwan - June 5th, 2012 [June 5th, 2012]
- Supermicro® Hadoop Solutions Accelerate Innovation with Launch of EMC® ... - June 5th, 2012 [June 5th, 2012]
- Super 57000 Video Game (Family Computer) - Video - June 5th, 2012 [June 5th, 2012]
- Security Cameras Turn into Super-Fast Sleuths - June 7th, 2012 [June 7th, 2012]
- Quantum computers move closer to reality, thanks to highly enriched and highly purified silicon - June 7th, 2012 [June 7th, 2012]
- Research Makes Ultrafast Quantum Computer Concept a Reality - June 9th, 2012 [June 9th, 2012]
- Supermicro's New Compact Embedded Server Appliance Supports 3rd Generation Intel® Core™ i7/i5/i3 Processors - June 11th, 2012 [June 11th, 2012]
- The PC which is truly personal: 'Computer' on a memory stick offers COMPLETE privacy for browsing and documents - June 11th, 2012 [June 11th, 2012]
- 'Purified' silicon nudges quantum computing ahead - June 11th, 2012 [June 11th, 2012]
- Apple serves up 15.4-inch MacBook Pro with Retina Display - June 11th, 2012 [June 11th, 2012]
- Apple debuts next-gen MacBook Pro, iOS 6 - June 11th, 2012 [June 11th, 2012]
- How to Invest Like the Super-Rich - June 13th, 2012 [June 13th, 2012]
- Super Computer for Sale - Video - June 13th, 2012 [June 13th, 2012]
- Supermicro® Launches FatTwin™ Architecture - June 15th, 2012 [June 15th, 2012]
- Computer Workstation utilizes NVIDIA® Maximus(TM) technology. - June 15th, 2012 [June 15th, 2012]
- Supermicro® Launches FatTwinâ„¢ Architecture - June 15th, 2012 [June 15th, 2012]
- Acer: Aspire S5, super-thin Ultrabook, coming to U.S. in late June - June 15th, 2012 [June 15th, 2012]
- Supermicro(R) Launches FatTwin(TM) Architecture - June 15th, 2012 [June 15th, 2012]
- Sheldon Adelson: 7 surprising facts about 2012's biggest donor - June 15th, 2012 [June 15th, 2012]
- lego super computer - Video - June 17th, 2012 [June 17th, 2012]
- Age of Empires: The Conqurors - vsing Duke AI 1.6 - Super computer - Video - June 17th, 2012 [June 17th, 2012]
- Supermicro® FatTwin™ Takes Center Stage at International Supercomputing Conference 2012 - June 18th, 2012 [June 18th, 2012]