This article was published in Scientific American’s former blog network and reflects the views of the author, not necessarily those of Scientific American
On supporting science journalism
If you're enjoying this article, consider supporting our award-winning journalism by subscribing. By purchasing a subscription you are helping to ensure the future of impactful stories about the discoveries and ideas shaping our world today.
As the first particles began circulating in the Large Hadron Collider (LHC) this week, a group of hackers calling themselves the "Greek Security Team" penetrated computer systems inside CERN's Geneva, Switzerland, facility, where the world's biggest particle accelerator is housed, the Telegraph.co.uk reported today.
The hackers were reportedly targeting the Compact Muon Solenoid Experiment (CMS), a device in Cessy, France, built to monitor a wide range of particles and phenomena produced in high-energy collisions in the LHC. The 12,500-ton detector's different layers (weighing, according to CERN, as much as 30 jumbo jets or 2,500 African elephants) stop and measure the different particles, and use this data to form a picture of events at the heart of the collision. Scientists plan to use the info to help answer questions about what the universe is really made of and what forces act within it.
On Wednesday, as the LHC was revving up, CMS engineers searched computers for half a dozen files uploaded by the hackers. The interlopers accessed the computer that monitors the CMS software system as the CMS collects data during particle collisions.
CERN scientists says no harm was done but that the break-in raises security concerns, given that intruders were able to penetrate so close to the CMS's computer control system, according to the Telegraph.co.uk. In other words, the hackers came this close to being able to switch off some CMS controls.
"We are 2600 - dont mess with us. (sic)," the group warned in a message to CERN engineers. The "2600" refers to a U.S. magazine published quarterly that appeals to the hackers worldwide by publishing technical information about telephone switching systems, the Internet and other technology, as well as computer-related news. The mindset behind the sharing of this information is to find vulnerabilities in the computer systems used by government and industry and force them to improve their security by exploiting their flaws. In fact, 2600 has become a brand in the hacker world: in addition to 2600: The Hacker Quarterly; an organization known as 2600 hosts hacker conferences and there's even a film company of that name that's made a documentary on legendary hacker Kevin Mitnick.
Given the huge interest not to mention the enormity of the LHC's task, it's "highly disturbing" that hackers were able to compromise and change data on its Web site, Graham Cluley, security researcher with Sophos Plc (a security services firm based in both the UK and Burlington, Mass.) wrote in his blog today. "Theoretically," he noted, "hackers could have planted malicious code which could have stolen identities or installed malware onto the computers of millions of web visitors."
Image courtesy of CERN