On 11 May, the High Performance Computing Center (HLRS), a research institute and a supercomputer center based in Stuttgart posted a notification that said: “Hawk was shut down due to a security incident”.
Hawk is the flagship supercomputer at the institute. With a peak performance of approximately 26 Petaflops, Hawk is an HPE Apollo 9000 System and is among the fastest supercomputers worldwide. It is the fastest general purpose system for scientific and industrial computing in Europe.
Even Leibniz Supercomputing Center of the Bavarian Academy of Sciences and Humanities near Munich admitted its systems had been targeted by hackers. In a statement posted on May 14, it said: “We can confirm a security incident that affects our high-performance computers. For safety's sake, we have therefore isolated the affected machines from the outside world.”
NEMO, Forschungszentrum Jülich and Karlsruhe Institute of Technology (KIT) also reported same problems, with the latter stating two high-performance computers bwUniCluster 2.0 and ForHLR II hit by a “serious security incident”.
The hackers appeared to have used stolen user account data so it is not as if it is a software or hardware issue but some serious security problem.
The UK-based Archer National Supercomputing Service also said its systems suffered a “security exploitation” that led its administrators to rewrite passwords and Secure Shell (SSH) keys.
“We would like to provide an update on the ARCHER Security Incident. We now believe this to be a major issue across the academic community as several computers have been compromised in the UK and elsewhere in Europe. We have been working with the National Cyber Security Centre (NCSC) and Cray/HPE in order to better understand the position and plan effective remedies”, ARCHER said in a statement.
“We are hoping to return ARCHER back to service early next week but this will depend on the results of the diagnostic scans taking place and further discussions with NCSC. All of the existing ARCHER passwords and SSH keys will be rewritten and will no longer be valid on ARCHER. There will be a new requirement to connect to ARCHER using a SSH key and a password”, the institute said today.
The US is blaming the Chinese, but then it always does, but the reality is that it could be anyone who wants that sort of data.