Crypto mining is a profitable business. However, people should not resort to illegal activities to mine cryptocurrency. Recently, hackers attacked multiple supercomputers across Europe.
Interestingly, hackers exploited a Secure Shell (SSH) connection. Thanks to SSH connection academic administrators are able to log in to the system remotely. Importantly, hackers stole university members’ SSH credentials in Canada, China, and Poland.
They tried to use supercomputers to mine cryptocurrency. Consequently, as least dozen of supercomputers in the U.K., Germany, and Switzerland have been forced to shut down to investigate the situation.
Importantly, another possible attack took place on a high-performance computer center in Spain. Moreover, most of the attacks targeted universities. On May 11, the University of Edinburgh, which runs the ARCHER supercomputer, reported the first accident.
Additionally, high-performance computing clusters located in the major universities in Germany also experienced problems. For example, hackers attacked Leibniz Computing Center and Julich Research Center among other institutions. They also targeted the Faculty of Physics at the Ludwig-Maximilians University in Munich. Furthermore, another victim was the Swiss Center of Scientific Computations located in Zurich. They wanted to use powerful computers for crypto mining.
Secure Shell Connection and crypto mining
As mentioned above, hackers gained access to the supercomputer clusters by exploiting an SSH connection. People who are not familiar may find it hard what is the purpose of SSH connection. It is a cryptographic network protocol and thanks to the protocol it is possible to operate service securely over an unsecured network.
The Computer Security Incident Response Team released the malware samples. As a reminder, CSIRT is a pan-European organization that coordinates research on supercomputers in different parts of Europe. Moreover, a U.S.-based cybersecurity firm had the possibility to review the malware samples.
Unfortunately, there is no lack of cyberattacks as hackers are willing to use any opportunity to steal money, personal data. Moreover, as can be seen from recent attacks they even tried to use supercomputers for crypto mining.
Thus, universities, as well as other institutions, should not forget that even a minor mistake could cost a lot of money. Moreover, they should work with experts to limit the risk of such attacks.