- Cool Yule Tools: 2008 Holiday Gift Guide
- 10 kitchen gadgets for the geek gourmet
- Google admits to violating iPhone development terms
- Smartphone smackdown: Storm vs. iPhone
- Google layoffs: 10,000 jobs being cut
Malicious hackers in recent weeks have infiltrated computer systems at universities in the U.S. and worldwide, leading to questions about the security of scientific research data, according to an official at the National Science Foundation.
The systems were located at universities and research facilities that operate high-performance computer centers, including facilities that are part of a project funded by the National Science Foundation (NSF) and called TeraGrid, said Sangtae Kim, director of the Division of Shared CyberInfrastructure at the NSF, an independent U.S. government agency.
Supercomputing centers at U.S. universities including the National Center for Supercomputing Applications (NCSA) at the University of Illinois at Urbana-Champaign and the Center for Advanced Computing Research (CACR) at the California Institute of Technology are partners in the TeraGrid project.
Systems at TeraGrid partner facilities were hacked, but no systems that make up TeraGrid itself were compromised, Kim said.
NSF does not know who was behind the attack, but believes it was part of a much larger action that affected high-end systems worldwide, including sites in Europe. Many of the compromised systems are connected to university research centers, he said.
Stanford University's Information and Technology Systems and Services (ITSS) group published a security alert on Saturday warning researchers about compromises of a number of systems running the Sun Solaris and Linux operating systems on the Stanford campus. The advisory also noted that the attacks were part of a move against "a large number of research institutions and high performance computing centers."
The university became aware of the intrusions after users noticed discrepancies in the time of their last reported log-in, which indicated that their log-in information had been hijacked. Other systems began performing poorly or reporting errors after the intruders installed so-called "rootkits," or programs that allow the malicious hacker to disguise his or her presence and gather information such as user names and passwords from the compromised system, the ITSS alert said.
Attackers gained access to the systems by cracking or sniffing passwords from insecure network traffic such as Telnet remote communications sessions or from password files on other compromised systems, according to the alert.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment