Hackers teach schools a lesson
Hackers have attacked the nation's most powerful academic computers, including a center in Pittsburgh run by Carnegie Mellon University and the University of Pittsburgh.
"They're not releasing too much information about the details to ensure their investigation proceeds as best it can," said David Hart, a spokesman for the National Science Foundation in Arlington, Va. "The only thing I can say is no data were damaged and there was no long-term damage."
The attack isn't believed to be terrorism-related.
The National Science Foundation has financed the TeraGrid, a $98 million project that links computers at five sites, including Pittsburgh. The purpose is to build the world's largest infrastructure for scientific research -- capable of performing 20 trillion calculations a second -- on problems as complicated as astrophysics and the Human Genome Project.
The sites whose computers were invaded earlier this month include the Pittsburgh Supercomputing Center operated by CMU and Pitt, as well as the California Institute of Technology, Colorado State University, the National Center for Atmospheric Research in Boulder, Colo., and the affiliated University Corporation for Atmospheric Research, according to The Chronicle of Higher Education, an independent weekly.
Also hit were Stanford University, the San Diego and Davis campuses of the University of California, the University of Colorado, the University of Nebraska, the University of Washington and the National Center for Supercomputing Applications at the University of Illinois at Urbana-Champaign.
"We don't ever make comments on security," said Michael Levine, co-director of the Pittsburgh Supercomputing Center. "It's a matter of general policy."
The Chronicle, however, said the Pittsburgh center blocked remote access to its machines until April 8 and ordered users to change their passwords.
"They were instructed not to use a password that they had used before or a word that could be found in any dictionary in any language," the newspaper said.
Karen Green, a spokeswoman for the center in Illinois, confirmed the assault on its computers.
"We took the computers offline as a precaution," she said. "There were no data compromised. We expect things to be back to normal pretty soon."
A notice on the TeraGrid's Web site states: "We are currently investigating a security incident involving unauthorized access to systems. It affects a variety of Internet sites, including some TeraGrid sites.
"To ensure the security of TeraGrid resources, we have taken several TeraGrid resources offline to conduct a thorough examination. We expect this examination to conclude within a few days.
"As a precaution, new passwords will be issued for all users. Details on how these passwords will be distributed are being sent on a per-site basis as systems come back online."
The Chronicle reported that the hackers used stolen passwords to enter a supercomputer, explore its vulnerabilities and later attack its weaknesses.
"It was not a terrorist attack as far as anyone knows," Green said.