Come to the dark side, we have cookies

Cookies can be a temptation. Hackers may be leaving cookies on your browser. Photo: Nina Matthews Photography

While Hollywood and the media depict computer hacking with special effects and magical tools, success is often gained with nothing more than a web browser, the ‘telnet’ command and some analytical thinking.

Every day, the Fermilab Computer Security Team is constantly scanning your computer for various vulnerabilities. Normally these scans are quite unobtrusive, looking only for serious vulnerabilities or misconfigurations. Occasionally, however, members of CST transfer over to the “dark side” and play the role of a hacker. During this role reversal, CST launches aggressive scans against Fermilab computers, looking for holes and deficiencies to exploit or to retrieve information that should not be available, or to obtain access to run arbitrary programs on the target computer. The team will not actually hack into any lab computers, but it will discover computing systems that could be breached by an outsider attacker.

This year, for the first time, CST invited DOE Safeguards and Security personnel to assist in these activities as part of our Contractor Assurance program, which assures DOE that the laboratory cyber security program is operating as stated and with transparency. They were pleased both with our process for performing these scans and with the results of the exercise, thereby avoiding the necessity for them to perform scans on their own.

During the May-June exercise, CST assessed around 10,000 computers. Most of these computers were secure. But the team did find a few deficiencies that led to the equivalent of a hacker compromise on some legacy systems that were not yet migrated to current technologies. Additionally,they easily accessed a few computers without password-protected screen savers in unlocked offices. But overall we (and DOE) were pleased at the small number of hackable systems we discovered. We notified administrators of systems with deficiencies and they corrected their vulnerabilities.

How can you prevent yourself from being a target? Keep up to date on patches. Turn off unneeded services or restrict access to only the local machine. You can scan your own computer from the ‘Scan me Now’ link at the top of the Fermilab Computer Security home page. Lastly, make sure you activate a password-protected screen saver and be sure to lock up not only your computer, but also your office, when you leave for the evening.