Ethical hacking group worm their way into Fermilab

Access all areas: The Sakura Samurai group of ethical hackers infiltrated Fermilab’s data systems with the knowledge of the lab’s managers (Courtesy: Fermilab/Reidar Hahn).

A group of “ethical hackers” has obtained access to sensitive systems and proprietary online data hosted by the Fermi National Accelerator Laboratory in the US after accessing multiple unsecured entry points in late April and early May. The group – Sakura Samurai – discovered configuration data for the lab’s NOvA experiment and more than 4500 “tickets” for tracking internal projects.

The Sakura Samurai team has previous experience probing the vulnerabilities of scientific and educational organizations, which hold critical information that if leaked could put those institutions at risk. “Fermilab was no different,” Sakura Samurai leader Robert Willis told Physics World. “Oversharing can be very dangerous, especially when it’s sharing credentials that could enable a malicious actor to take over a server with the potential to move across their network to access items that the organization wouldn’t even think of being vulnerable.”

The hacking team targeted Fermilab because of its openness and the size of the lab. The hack was performed with Fermilab management’s knowledge, so that managers could “lock down” critical information before the exercise began. “[Fermilab] seemed interesting as it has a vulnerability disclosure programme and is also a physics lab with lots of machinery and a half-billion-dollar grant,” adds Willis. “That would make it very attractive to a threat actor looking to ransomware their assets to hold them hostage.” Indeed, the hacking team found its effort time-consuming owing to Fermilab’s basic openness. “Some findings were without a doubt critical and didn’t need verification from Fermilab. But other findings relied on communications with Fermilab to verify,” Willis says.

Nevertheless, the ethical hacking group found the hack to be relatively simple, with many of the findings emerging with manual methods and basic tools that allowed them to navigate the file structure to find open ports and services. “We may very well have saved Fermilab from a future ransomware attack, considering a set of credentials would have given us the proper access to infect a server, and go from there,” says Willis, who adds that once lab managers were informed of the security issues they responded quickly. “The lab handled the situation very well and fast,” says Willis. “From initial contact to their internal verification and remediations, the entire process was under two weeks.”

Culture of sharing

Fermilab spokesperson Tracy Marc notes that the lab “takes all reports of cybersecurity vulnerabili­ties seriously, and we are continuing to review the matter”. She denies any concern that experiments could be vulnerable to unethical hacking that could change results, because, she says, their data are “made available through controlled authorization and access methods”.

Willis claims that many of the hacks on large organizations happen because of a lack of understanding of what hackers can do. That can be problematic for managers of organizations like Fermilab that have a culture of sharing. “Treat all publicly accessible information as if someone wants to do something malicious with it,” says Willis. “Providing the wrong sensitive information can put not just one asset, but everything, at risk.”
