Universities that cooperate to conduct scientific research are particularly susceptible to compromise because of the open nature of their mission, according to Jonathan Bingham, president of Intrusic Inc. in Waltham, Massachusetts. The company sells technology to spot covert and illicit activity on computer networks, which it terms "noiseless action."
"You've got large groups of individuals trying to access systems from all over the world, so universities commonly have portions of their network set up almost like the Internet, in that access is wide open," he said.
Malicious hackers can easily gain access to less secure areas of a university's network, then listen to network traffic to capture the credentials needed to access more sensitive areas, he said.
While some experts raised the specter of massive denial of service (DoS) attacks using the hijacked supercomputers, the real threat to the TeraGrid project and the universities that got hacked is from stealthier behavior, such as quietly leaking sensitive research data or discoveries from compromised research machines, Bingham said.
While rebuilding and patching compromised systems will close the holes that intruders used, it does not guarantee that the malicious hackers behind the compromise have lost access to the sensitive networks.
"Once they're in a network of this size and scope, they're going to compromise other systems using stealth techniques that are different from the ones they used to get in. Once you've figured out (the compromise) and know what systems are vulnerable, they're already on a different system," he said.