DeepSec 2013 Talk: Hack The Gibson – Exploiting Supercomputers
Compromising and controlling a large number of computers is a big advantage for attackers. The best example are the botnets consisting of hundreds, thousands or millions of systems infected by malicious software. These herds of compromised nodes receive commands from Command & Control (C&C) servers. In a sense this is massive parallel computing, but unfortunately it isn’t used for scientific purposes. Instead these nodes send unsolicited e-mails (a.k.a. spam), perform Distributed Denial of Service (DDoS) attacks, or do other tasks for their masters. The infection process is highly automated. Scripts looks for promising targets, attack them, install the botnet software, and add them to the herd’s network. Great. But what about infecting whole networks of nodes instead of nodes one by one? Modern supercomputers are based on a multi-node architecture. Individual nodes are part