鶹ý

Laying siege to the grid

The world's most powerful supercomputer networks are under attack. But given the enormous technical expertise this requires, why are the hackers bothering? David Cohen investigates

IT IS 2 am in a dimly lit basement somewhere in suburban America. Alone figure illuminated only by the glow of a computer screen taps away at a keyboard. Suddenly he stops, shoots his hands triumphantly in the air and gives a whoop. After weeks of snooping around the internet, eavesdropping on data and planting programs to trap passwords, he has finally done it. He has taken control of one of the most powerful computing resources in the world, a 20-teraflop supercomputing grid, a network of high-powered machines roughly equivalent to the combined power of 20,000 desktop PCs. But as the moment of triumph passes, he pauses, stumped. What does he do now?

This question might well have crossed the mind of an anonymous hacker last month. On 10 April, Stanford University in California announced that a number of high-performance academic computer centres had been attacked. The network included computers at Stanford, the San Diego Supercomputer Center, the National Center for Supercomputing Applications in Illinois and Argonne National Laboratory in Chicago. Reports claim the hacks were confined to support machines connected to the supercomputers, and apart from closing down the machines for several days, no serious damage was caused.

On the face of it, this event is perhaps not surprising. Hackers have been breaking into computer systems for decades. And some experts say the recent attacks are nothing more serious than mindless acts of e-vandalism. “My guess is it’s kids doing it for bragging rights,” says computer security expert Bruce Schneier of Counterpane Internet Security, based in Mount View, California. But others say the latest events highlight a new trend in malicious hacking. The grid – an umbrella term for huge pools of computing power built by connecting supercomputers with dedicated high-speed networks – now offers every hacker the prospect of phenomenal computer power. Could this represent a serious escalation in the threat they pose?

Hackers usually break into machines to show off to their peers or to steal information such as credit card numbers. But the growing trend is to steal processor time. “It has become an increasing problem with the growth in popularity of distributed computing,” says Andrew Cormack, chief security adviser at the UK Education Research Networking Association, which oversees security on the UK’s academic computer networks. Cormack says that hackers have co-opted the techniques developed by projects such as SET@home. SET@home has enabled thousands of people around the world to pool their computer resources by downloading a screen saver to help crunch data from radio telescopes searching for extra terrestrial life.

“Not long after SETI began there was a rise in the malicious use of distributed computing,” Cormack says. He points to the rise in processor power theft as evidenced by recent computer worms. Some worms are designed to hide in a desktop PC and send out spam, others attack website servers in a “distributed denial of service attack”(DDoS) – in which many machines simultaneously request the same web page, causing the server to crash. Last summer, for example, the MS Blaster worm launched a DDoS on a Microsoft website. Experts believe the Sobig worm was created by spammers to steal email addresses. The more recent MiMail virus combined both of these approaches, collecting email addresses as well as launching DDoSs against websites of companies selling anti-spam software.

Clearly processor power is a valuable commodity. Several companies are even trying to get people to sell the spare cycles on their desktop PCs (鶹ý 15 July 2000, p 11). So it is hardly surprising hackers might want to steal it. After all, says Cormack, if something has a market value, someone will try to gain unauthorised access to it. “Stealing processor time is happening already,” he says, “but with the grid the scale could be much greater.”

It takes skill and specialist knowledge to advance from co-opting a network of desktop computers to hacking the grid to steal the processing power and storage space these systems boast. So why would a grid of interconnected supercomputers be more useful to a hacker than a network of thousands of hijacked desktop PCs? The answer is simple, Cormack believes: “You can control it much more easily.”

Beyond shutting down the machines or stealing or deleting data, one likely malicious use of supercomputer power is to crack passwords. Hackers often steal system password files, which contain the login names of all the users on a system, and a cryptographic hash of each password – a string of numbers and letters generated from each password. You can’t work backwards from the hash to the actual password, so they try to guess passwords until they find hashes that match. With a supercomputer, it could be possible to crack millions of passwords in one go. Admittedly modern passwords are hard to crack, but older ones have proved fallible. Last year, for example, Tom Perrine and Devin Kowatch at the San Diego Supercomputer Center created a system called TeraCrack to show that password systems used in many academic networks can be cracked on a single 1.5GHz desktop computer with 2.26 terabytes of hard disk space in 60 days. Then, dramatically, they showed that the time could be slashed to just 80 minutes, using their Blue Horizon supercomputer.

If not for cracking passwords, then how about watching movies? Doyle says the storage space and bandwidth offered by grid networks are often an equally attractive feature to hackers. “They offer a highly optimised way in which you could run illegal video-sharing networks,” he says.

Grids could also be used to launch massive DDoSs. Most grid machines are connected to the internet via very high-capacity lines, capable of transferring more than 2 gigabits per second – at least 4000 times faster than the average home broadband connection. These connections could be used to flood the internet to such an extent that the entire network could be brought to a grinding halt, says Jon Crowcroft, a grid expert at the University of Cambridge Computer Lab.

Crowcroft does not believe an attack would last more than a few minutes because administrators monitor their systems closely and would almost immediately detect the problem and shut down the connections. However he points out that disconnecting a machine or closing it down is a last resort because of the disruption it would cause. “It is far more difficult to analyse what’s happening on multi-user machines such as those on the grid,” he says.

It would even be possible to try to crack Digital Rights Management encoding systems that are used to make CDs and DVDs uncopyable, Cormack says. “Any digital encryption is theoretically crackable given enough computing resource. The question is whether you can do it in a reasonable amount of time,” he says. However, Ross Anderson, professor of security engineering at the University of Cambridge, is sceptical that this could succeed in reality. Modern strong encryption is impossible to crack with a brute force attack, even using the most powerful existing supercomputer.

If it seems speculative to imagine what might happen should the grid be compromised, it is worth remembering that last month’s break-ins were not the first attempt at hacking into a grid. Nor the worst. In March 2003 hackers broke into ScotGrid, a network of 150 Linux machines based at the University of Glasgow, UK and shared over the internet with the CERN particle physics laboratory in Geneva. The hackers intercepted the password of a remote user based in Geneva and used it to gain access to ScotGrid. They ran scripts that tried to reconfigure the machine to steal more passwords. The break-in was detected when the computers began to overheat under the strain of the processing demands, says Richard Sinnott, technical director of the National e-Science Centre based at the University of Glasgow. The machine room must be maintained at a precise temperature for the computers to work efficiently. “At first we thought it was an air conditioning problem, but then we realised the machine had been compromised,” he says. The cluster was taken offline for a day while the system was updated with new security fixes.

This incident caused a security rethink at ScotGrid. And though standards are yet to be decided for international grid security, access to most academic grids is strictly controlled. Each user is issued with a digital certificate that limits the amount of processor power and storage space he or she can use. If the computer administrators discover a certificate has been compromised they can revoke it within 24 hours – enough time to do damage, but at least the scope of the break-in would be limited. “To gain control of a grid that way you would have to hack the certificate system too, which is a very hard thing to do,” says Tony Doyle of ScotGrid.

Though the certificate system may be an effective way of limiting, if not eradicating, the dangers posed by hackers, there are ways of getting round such measures. The hackers who gained access to ScotGrid, for example, did so by completely bypassing the system that administers the certificates.

Cormack thinks that breaking into grid systems is too difficult for all but the most talented hackers. “You need to be a specialist in grid machines. It’s not like breaking into a Windows or Linux computer,” he says. But no security expert worth their salt would ever say never.

Topics: Computer crime