The discovery of cryptomining operations has forced supercomputing clusters across the world offline in an incident that exposes the poor security of some of the world’s most powerful research machines.
The incident appears to have involved cybercriminals distributing malware by taking advantage of compromised SSH credentials (SSH is a network protocol that gives users secure remote access to systems).
The UK’s ARCHER was among those forced out of service as security teams scrambled to flush malware out of its system. (ARCHER, an aging Cray XC30 machine, is used for research purposes by a wide range of universities).
ARCHER’s team noted: