Welcome to MilkyWay@home

Where MilkyWay@home Was The Last Few Days

Message boards : News : Where MilkyWay@home Was The Last Few Days
Message board moderation

To post messages, you must log in.

AuthorMessage
Profile Tom Donlon
Volunteer moderator
Project administrator
Project developer
Project tester
Project scientist

Send message
Joined: 10 Apr 19
Posts: 408
Credit: 120,203,200
RAC: 0
Message 70788 - Posted: 17 May 2021, 20:42:23 UTC
Last modified: 17 May 2021, 23:58:29 UTC

Hello Everyone,

On Friday, May 7th, RPI experienced a cyber-attack that forced RPI to rapidly take down their entire network. This included email, on-campus internet, and connection to the MilkyWay@home server. We were caught by surprise by the network going down, so we were unfortunately not able to warn our volunteers about this problem or shut down the server ahead of time.

We updated our social media a few times during this outage, but please understand that we did not know when service would come back up for MilkyWay@home until connection to the server actually came back up. During this time, RPI IT was working on understanding the extent of the attack, making sure that the attack did not get any worse, and setting up precautions for the future that would prevent this sort of attack. We were not in control of when the server went down or when it would go back up.

Please know that the attack did not impact Linux-based machines (such as the MilkyWay@home server). Additionally, no personal information on the website was accessed or affected by the cyber-attack.

Thank you volunteers for your patience and understanding. If you have any questions I'm happy to do my best to answer them.

Best,
Tom
ID: 70788 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Dunx

Send message
Joined: 13 Feb 11
Posts: 31
Credit: 1,403,524,537
RAC: 0
Message 70791 - Posted: 17 May 2021, 21:19:34 UTC

Welcome Back !

My poor PC isn't keeping me warm without it's GPU wattage !

Glad you are on top of the situation, it's always worse when the academic side of operations is down.

Back in the 90's we had it easy ! Nobody was really "hacking" the mini-computers the college here had.

Looking forward to some more Work Units soon !

Regards,

D.C. ( Wakefield, U.K. )
ID: 70791 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile Wisesooth

Send message
Joined: 2 Oct 14
Posts: 43
Credit: 54,798,348
RAC: 1,668
Message 70793 - Posted: 17 May 2021, 21:35:39 UTC - in response to Message 70788.  

The internet is being used as a weapon by at least three types of sources:
    Government predators(especially their military),
    Ideological paramilitary (e.g.: Islamic jihad), and
    Organized crime (e.g.: identity theft).


Unfortunately, Internet protocol technology did not pay due attention to abuse in its design. Firmware technology used in routers and motherboards ignored this threat, even though it was detected and known for most of the current decade (e.g.: trapdoor chip). Recent performance advances in computer chip technology and artificial intelligence have made current state-of-the-art encryption more vulnerable to decryption. Also, there is urgent need for more intensive information-sharing and coordinated research between public and private sector organizations (with international scope) to abate the risk to tolerable levels. I have more to share about this subject that is beyond the limitations of a comment. Some of the information is best shared privately. You know where to find me, Tom.


ID: 70793 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Mat

Send message
Joined: 7 Apr 20
Posts: 2
Credit: 22,343,991
RAC: 51
Message 70795 - Posted: 18 May 2021, 1:34:51 UTC - in response to Message 70788.  

The University of South Australia also suffered a cyber attack around the same time.
I'm now wondering how many institutes were targeted...
ID: 70795 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
marmot
Avatar

Send message
Joined: 12 Dec 15
Posts: 51
Credit: 131,936,802
RAC: 41,799
Message 70797 - Posted: 18 May 2021, 8:22:30 UTC - in response to Message 70788.  

Was it a profit making attempt through encryption->ransom or cyber intelligence gathering?
ID: 70797 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile Tom Donlon
Volunteer moderator
Project administrator
Project developer
Project tester
Project scientist

Send message
Joined: 10 Apr 19
Posts: 408
Credit: 120,203,200
RAC: 0
Message 70798 - Posted: 18 May 2021, 15:45:06 UTC
Last modified: 20 May 2021, 21:15:26 UTC

As of right now, we have only been told that it was a ransomware attack. We suspect that it was an attempt to encrypt RPI files and then charge RPI for the files' release. For more information, we recommend that you look at the official RPI statements on the attack (since that's about all that we know!)
ID: 70798 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
[TA]Assimilator1
Avatar

Send message
Joined: 22 Jan 11
Posts: 375
Credit: 64,657,871
RAC: 0
Message 70802 - Posted: 19 May 2021, 6:12:23 UTC - in response to Message 70798.  

As of right now, we have only been told that it was a ransomware attack. We suspect that it was an attempt to encrypt RPI files and then charge RPI for the file's release. For more information, we recommend that you look at the official RPI statements on the attack (since that's about all that we know!)

Thanks for the info, but what is RPI??? lol
Team AnandTech - SETI@H, DPAD, F@H, MW@H, A@H, LHC, POGS, R@H, Einstein@H, DHEP, WCG

Main rig - Ryzen 5 3600, MSI B450 G.Pro C. AC, RTX 3060Ti 8GB, 32GB DDR4 3200, Win 10 64bit
2nd rig - i7 4930k @4.1 GHz, HD 7870 XT 3GB(DS), 16GB DDR3 1866, Win7
ID: 70802 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile Keith Myers
Avatar

Send message
Joined: 24 Jan 11
Posts: 696
Credit: 539,991,222
RAC: 87,065
Message 70803 - Posted: 19 May 2021, 6:42:28 UTC - in response to Message 70802.  


Thanks for the info, but what is RPI??? lol


Rensselaer Polytechnic Institute
ID: 70803 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile mikey
Avatar

Send message
Joined: 8 May 09
Posts: 3315
Credit: 519,939,839
RAC: 22,823
Message 70804 - Posted: 19 May 2021, 10:37:55 UTC - in response to Message 70802.  

Thanks for the info, but what is RPI??? lol


Rennselear Polytechnic Institute the College where MilkyWay is based.
ID: 70804 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile BDDave
Avatar

Send message
Joined: 21 May 10
Posts: 19
Credit: 100,867,126
RAC: 0
Message 70818 - Posted: 21 May 2021, 16:55:24 UTC - in response to Message 70804.  
Last modified: 21 May 2021, 16:56:00 UTC

Found this on the net, about 2 weeks old but is a summary of what happened.

Rensselaer Polytechnic Institute’s Network Hit by Malware
https://www.govtech.com/education/higher-ed/rensselaer-polytechnic-institutes-network-hit-by-malware

Cyberattack knocks out RPI computer systems
https://www.timesunion.com/news/article/Cyber-attack-knocks-out-RPI-computer-systems-16162678.php

Happy to get back to crunching data!
ID: 70818 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile mikey
Avatar

Send message
Joined: 8 May 09
Posts: 3315
Credit: 519,939,839
RAC: 22,823
Message 70819 - Posted: 21 May 2021, 22:44:53 UTC - in response to Message 70818.  

Found this on the net, about 2 weeks old but is a summary of what happened.

Rensselaer Polytechnic Institute’s Network Hit by Malware
https://www.govtech.com/education/higher-ed/rensselaer-polytechnic-institutes-network-hit-by-malware

Cyberattack knocks out RPI computer systems
https://www.timesunion.com/news/article/Cyber-attack-knocks-out-RPI-computer-systems-16162678.php

Happy to get back to crunching data!


As Tom said though none of the MilkyWay stuff was affected because the hackers targeted Windows based computers/servers while MilkyWay uses Linux based Servers. Next time it could be different though so I hope everyone is thinking long term here.
ID: 70819 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile Tom Donlon
Volunteer moderator
Project administrator
Project developer
Project tester
Project scientist

Send message
Joined: 10 Apr 19
Posts: 408
Credit: 120,203,200
RAC: 0
Message 70821 - Posted: 22 May 2021, 0:35:51 UTC - in response to Message 70819.  
Last modified: 22 May 2021, 0:37:45 UTC

We use hash encrypted passwords for MilkyWay@home, both for users and developers. Nowhere on the server is your password (or ours!) stored in plain text. RPI has also updated their security protocols in order to prevent such attacks in the future.

I understand that passwords aren't the only security weakness that's out there, but know that we're careful to try to keep good security practices here.
ID: 70821 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile mikey
Avatar

Send message
Joined: 8 May 09
Posts: 3315
Credit: 519,939,839
RAC: 22,823
Message 70822 - Posted: 22 May 2021, 3:08:38 UTC - in response to Message 70821.  

We use hash encrypted passwords for MilkyWay@home, both for users and developers. Nowhere on the server is your password (or ours!) stored in plain text. RPI has also updated their security protocols in order to prevent such attacks in the future.

I understand that passwords aren't the only security weakness that's out there, but know that we're careful to try to keep good security practices here.


And we users REALLY appreciate what you do!!
ID: 70822 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Astro 1940

Send message
Joined: 29 Aug 12
Posts: 2
Credit: 204,504,206
RAC: 0
Message 70850 - Posted: 5 Jun 2021, 15:46:08 UTC

By the way your URL is ".cs" (Czechoslovakia)! Really?
ID: 70850 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote
Profile Tom Donlon
Volunteer moderator
Project administrator
Project developer
Project tester
Project scientist

Send message
Joined: 10 Apr 19
Posts: 408
Credit: 120,203,200
RAC: 0
Message 70851 - Posted: 5 Jun 2021, 16:02:48 UTC

The "cs" in our URL is actually part of "cs.rpi.edu", which indicates that the project is affiliated with the computer science department at RPI.
ID: 70851 · Rating: 0 · rate: Rate + / Rate - Report as offensive     Reply Quote

Message boards : News : Where MilkyWay@home Was The Last Few Days

©2024 Astroinformatics Group