Slashdot Mirror


South Pole Research Station Hacked Twice

Marda writes "It's been known for a while that Romanian cyber extortionists cracked the computer network at the Amundsen-Scott South Pole Station last year. Now SecurityFocus is reporting that another computer intruder penetrated the station just two months before, and cracked the data acquisition system for the Degree Angular Scale Interferometer (DASI), a radiotelescope that measures properties of the cosmic microwave background. It turns out the station was insecure 'purposely, to allow for our scientists at this remotest of locations to exchange data under difficult circumstances,' according to internal reports."

13 of 292 comments

  1. Re:??????WTF?????? by Anubis350 · · Score: 5, Interesting

    yeah, but VPN?
    besides, there are a lot of remote monitoring tools out there that use various forms of encryption. Leaving your network unprotected is just asking for trouble. For that matter, why is it newsworthy if they get hacked then? After all, it's already wide open

    --
    "goodbye and hello, as always" ~Prince Corwin, from Zelazny's Amber series
  2. Unbefuckinlievable. by Crackez · · Score: 1, Interesting

    seriously, hire me. I will secure your network and make it "easy"...

    Stuff like that should not happen with proper staffing, so one has to ask: where is their network guru? All those scientists, one should have learned how to be a sysadmin by now. It's really not that hard... Well, it depends on the OS, but still...

    Do I smell a community effort brewing to help these people out?

  3. Back In The Day... by cjsnell · · Score: 5, Interesting

    There used to be a machine at McMurdo Station called mcmvax.mcmurdo.gov. I remember back in, oh, 1994 or so, sending finger requests to their machine and using the VMS equivalent of talk(1) (can't remember what it was called...) to send text messages to the folks logged on. I don't remember ever getting a response, though. It was also kind of fun to do traceroutes and pings to the machine. The network path was insane...apparently it went over satellite and the latency was usually at least 800ms+. Ah, memories...I miss the days when almost everyone ran open finger and talk/ntalk daemons.

    1. Re:Back In The Day... by eamonman · · Score: 3, Interesting

      When I was a frosh in college in 1995, I would ytalk/talk with my friends at other colleges all the time. MIT, Caltech, Northwestern, UC schools; all were open. I even had a login script to let me know who of my friends were on. I guess it was evanescent in some way. It was also really cool to get talk requests from people all around the world, wondering how you are, how things are in your bit of the world.

      Within four years, those ports were all shut down. Of course, we all had ICQ and AIM by then, but it's not the same as watching someone type r-e-a-l-l-y s-l-o-w-e-r-^H^H-l-y and finishing their sentences for them.

      --
      0- Eamonman Proud member of DNRC
  4. Re:??????WTF?????? by Hartree · · Score: 5, Interesting

    Sadly, this happens fairly often in research groups, and it's often hard to convince them to tighten things up. On the one hand, they say there's nothing commercially valuable on the machine, and that tightening security would lower productivity (usually false). On the other, they are often hard to convince that since much of the work and data is on the computers, they should have a good and tested backup system.

    Sooooo... They get cracked, and when they do, it causes major data loss and takes a long time to return the machines to full service as there are no recent backups. And somehow, it's the fault of the security type whose advice they ignored/derided.

    Been there, done that, wanted to strangle several research group leaders/members with the t-shirt.

  5. Re:This is disgusting behavior by Short+Circuit · · Score: 3, Interesting

    It's all very funny until someone is seriously hurt by this type of hacking.

    A very real threat. In the 80s, Cliff Stoll watched a guy relay from his system into a machine called PETVAX. At the time, that machine controlled the output of a radioactive particle emitter. Specifically, it controlled whether it was routed to a medical patient or a science experiment.

    Read Cuckoo's Egg.

  6. You gotta wonder... by grcumb · · Score: 5, Interesting

    As someone who's set up Internet servers in the high Arctic and who quite recently found himself posting 'I'm still alive' updates to my blog as the remote South Pacific island I was on was being battered by a hurricane, I STILL made sure to use ssh/ssl to connect to remote servers.

    I was dialed in over a microwave link running at about 10Kbps. Even pathetic bandwidth is no excuse not to use simple security measures.

    P.S. I'm posting from yet another Pacific Island, where I regularly use an ssh tunnel to connect to my home IMAP server, over a modem line that I share with 12 other computers on our local network.

    --
    Crumb's Corollary: Never bring a knife to a bun fight.
  7. Re:Eric S. Raymond Vocabulary Enforcement by Mashiki · · Score: 2, Interesting

    The rest of the world has already made up its mind. It's an uphill battle compared to a downhill one, you know which one will be easier.

    At this point it's a lost cause. Hackers, for good or ill, are so vilified in the MSM (Main Stream Media) that once it (the MSM) collapses we'll have a chance to redeem ourselves. Until that happens, we have to put up with fuck-wits like those that are going to hit the RNC convention blocking out "freedom of expression" and ruin the name.

    --
    Om, nomnomnom...
  8. Makes perfect sense, from their perspective by fejes · · Score: 5, Interesting

    Seriously, if you're setting up a network for a long term project, you set it up once, and move it all over there with everything ready to go... (which means the Amundsen base might have permanently been stuck with a network of 386's, had things worked that way.) Of course, my guess is that the computers wandered over there one at a time, with no coordinated plan - and no thought beyond "we need a few computers, which people in the states need access to, located at the south pole!")

    The key issue is that if an academic is given a computer, they're not going to have the faintest idea of what's required security wise. [In fact, I've seen academics go out and buy really big (30") screens and fancy Macintoshes just to run email and a browser, if that gives you an idea of the mindset of many in the scientific community.] - and other than the penguins (who only work for herrings and probably don't want to pay tax), there aren't any "neighborhood geeks" nearby to help them with their machines.

    I just spent two years in a science laboratory in North America at a VERY large institution. Of the two hundred or so scientists in that department alone, maybe ten or fifteen knew enough about computers to write HTML - and probably not a lot further. As the department evolved over time, computers were added in one at a time, by whoever felt like putting in a computer. Thus, there wasn't a single coordinated plan, and some of the computers were left completely vulnerable intentionally! If there's no one in charge, no structure to coordinate the addition of computers, and no one able to make the decisions to put an infrastructure in place, there's no one to insist on security standards. Can you say welcome mat to hackers?

    I'd be willing to bet that that's exactly what happened at the South Pole. Someone decided they wanted to be able to share files with another scientist, and I'd doubt either had ever heard of SSH. Net result: they intentionally put a hole in the flimsy security they had to begin with. I can imagine the thought process: "I need to share a file with someone 30000km away.. let's just create an anonymous ftp to c:\, that way I won't have to worry about them not having access to anything they need!"

    Finally, the key point is that if you have computers at the south pole, it's going to cost an exorbitant amount to send someone out to maintain them, and the only alternative is to have the scientists call "tech support" back in the states (or is India closer?), which is probably like talking my father through a computer problem. It's bad enough when you're there, but 100x worse when you're at opposite ends of the country. Of course, if you leave a few "holes" open intentionally, someone back home can log in and maintain it for you. (-;

    Sorry for the overlong rant!

    --
    The more you know, the more you know you don't know.
  9. Re:??????WTF?????? by dargaud · · Score: 3, Interesting
    I'm sure there are plenty of folks out there who'd LOVE to have something like this on their resume.

    I have this on my resume [sysadmin and scientific software in Antarctica, along with much more]. But apparently it doesn't impress employers, I spent 6 months looking for a job before opening my own small software business a couple of months ago. Yes, this is a shameless plug and should be moderated as so!
    --
    Non-Linux Penguins ?
  10. Re:??????WTF?????? by rikkards · · Score: 3, Interesting

    They have a sysadmin there. His main priority is ensuring the email is up, that's it.

  11. Stupidity cuts both ways - why no head on a pike? by Roadkills-R-Us · · Score: 2, Interesting

    While I agree that it's nuts to trust an open system on the internet these days (though it should not be!), there are plenty of folks out there (including brilliant scientists) who still don't realize the danger. It's too bad nobody with a clue had some oversight.

    OTOH, I think this would be a great rallying point to bring together a multinational task force, or at least some headhunters under public sanction, to start going after the scum who screw people over on their networks. It's against the law for me to break into your house. If I do this, I'm liable to go to jail and/or pay a fine. In a rational society I would also be liable to pay restitution, but that's another story.

    If I break into your house and destroy everything you own, I'm liable for big trouble. If, in the process, I do things which could endanger you, I'm liable for bigger trouble.

    Why isn't this true for computers and networks?

  12. Re:??????WTF?????? by Anonymous Coward · · Score: 2, Interesting

    They hire IT people not because IT is too difficult for them to do on their own, but too mundane. Please don't make the mistake of telling them how things should be done.


    Which is quite true. Good physicists (and there are a number of pretty mediocre ones around, but you can usually spot the good ones) are just about the smartest and best educated people on the planet. If they had the time and inclination to learn, they'd be quite capable of doing the jobs of the IT people that they hire. Some of them know enough to do the job anyway, without extra training, but they're quite uncommon.

    Physicists don't expect to understand the details of every field - they'll hire, say, electronic engineers to produce a lot of the custom electronics required. They do expect, however, to sit down in a meeting with said engineers and understand the problems. They probably won't know in detail how to solve a particular problem, but they'll certainly recognise one, and know in general terms what needs to be done to fix it.

    That's the way to have a successful interaction between smart physicists and IT types. If you, as an IT type, present the technical issues, point out the problems, and describe a way of doing things better, which still allows physicists to get the work done the way they want to work, you'll do well.

    If you don't have a deep understanding of the systems that you manage, however (stand up, 95% of Windows "admins") or tend to deliver arbitrary diktats on the grounds of "security", you'll be basically ignored.

    Some of the non-negotiable requirements of physicists are: 1. The ability to connect to your home institution from some random computer anywhere in the world and get work done. Basically, that means ssh. 2. The ability to get mail from absolutely anywhere. That means a terminal-based mail client with ssh, and also some kind of webmail. 3. The ability to have any bit of software or hardware installed if they're needed for work. That oscilloscope running Windows? No, I'm not going to stop taking data for a morning whilst you upgrade it. You can put it on a private network (as long as it's still accessible from the main group computers) but you can't unplug it or reboot it in the middle of an experiment. If I need to share data with people from half a dozen other institutions, you'd better make that possible (probably by giving them accounts on our computer systems. If you don't have an administrative way of giving computer accounts to non-employees without a lot of paperwork, you'd better get one. The upper limit on paperwork is roughly one signature on one bit of paper.)