Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Vulnerabilities / Threats

02:11 PM
Connect Directly

Hackers Deface CERN's 'Big Bang' Particle Accelerator Site

As scientists began testing CERN's Large Hadron Collider last week, hackers made a mockery of the European lab's network security.

Just as scientists began testing CERN's Large Hadron Collider in Switzerland last week, hackers made a mockery of the European lab's network security.

The collider is a massive underground particle accelerator designed to conduct particle physics experiments. It lies beneath the border between France and Switzerland.

On Wednesday, just as the collider was about to be tested for the first time, a group calling itself the "Greek Security Team" hacked into a computer connected to the collider and defaced a CERN Web page with a message in Greek.

According to the Daily Telegraph, the hackers derided CERN's IT security staff as "a bunch of schoolkids." They professed to have no plan to disrupt collider experiments; they said they wanted to highlight the lab's security problems.

"We're pulling your pants down because we don't want to see you running around naked looking to hide yourselves when the panic comes," the hackers wrote, according to the Daily Telegraph's translation of the Greek defacement.

CERN didn't immediately respond to a request for comment.

A CERN spokesman told the BBC that no damage was done, but that the incident revealed the need for stronger security.

Though the hacked page has since been removed, the Daily Telegraph has preserved a screenshot.

An unnamed CERN scientist told the Daily Telegraph that the hackers were "one step away" from a computer than controlled one of the 12,500-ton magnets in the collider. Had they managed to get into that machine, they could have turned parts of the collider off.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Sodinokibi Ransomware: Where Attackers' Money Goes
Kelly Sheridan, Staff Editor, Dark Reading,  10/15/2019
Data Privacy Protections for the Most Vulnerable -- Children
Dimitri Sirota, Founder & CEO of BigID,  10/17/2019
State of SMB Insecurity by the Numbers
Ericka Chickowski, Contributing Writer,  10/17/2019
Register for Dark Reading Newsletters
White Papers
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
2019 Online Malware and Threats
2019 Online Malware and Threats
As cyberattacks become more frequent and more sophisticated, enterprise security teams are under unprecedented pressure to respond. Is your organization ready?
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2019-10-21
Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the openemr database via a non-parameterized INSERT INTO statement, as demonstrated by the providerID parameter.
PUBLISHED: 2019-10-21
The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion.
PUBLISHED: 2019-10-21
In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be able to disclose sensitive information or cause a ...
PUBLISHED: 2019-10-21
In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php uses an unsanitized "c" variable coming from the URL, which is reflected in HTML, leading to XSS.
PUBLISHED: 2019-10-21
In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses an unsanitized "id" variable coming from the URL, which is reflected in HTML, leading to XSS.