5 December 2015
When I read the headline of Warwick Ashford’s report ‘Australia blames China for cyber-attack on supercomputer’ my first thought was: Why would anyone go after a number cruncher? It can’t be all that bad, because under normal conditions number crunchers don’t store business critical information.
In the evening I started gathering information about the attack and found some really worrying details.
In Ashford’s report we read ‘The BoM supercomputer contains a lot of research, but could be viewed as a potential gateway to a host of government agencies that have even more sensitive information.’
In an ABC report one reads ‘In the event of a conflict, compromising Australia’s ability to accurately forecast weather would affect the operation of military and commercial aircraft. Beyond that, the bureau provides a gateway to other agencies.’
The Bureau of Meteorology (BoM) provides services to other agencies. Since a login is required, it is very likely that login credentials have been compromised. This makes attacks on other agencies very likely because login credentials are frequently re-used across services.
In addition both sources report that the BoM provides a gateway to other services. Hopefully the networks of the Australian government agencies are better isolated from each other than the OPM network from other U.S. agency networks. If properly isolated it’s much harder for the attackers to move across the gateways into other networks.
‘The damage is actually … to then make sure that the hackers have not left behind any software that is continuing to spy or providing hackers with renewed access, …’
The author talks only about confidentiality issues, but what about integrity issues? Who checks whether the results of the computations are still the same as before the attack? Slight changes to algorithms may have a major impact on forecast information and could end up in the worst case in a plane crash.
Have a good weekend.