STANFORD --
Officials at Stanford Linear Accelerator Center are rethinking the
openness of their computer system a week after hackers forced them to
shut down outside access to the federal research facility's computer
network.
External access to the center's computer system was suspended
after staff members failed to catch hackers who had intercepted a
password and were moving in and out of more than 30 of the facility's
Unix servers.
``We traced the hackers around to the point that we weren't
gaining on them,'' said center spokeswoman P.A. Moore. ``The person
or persons were successful in covering their tracks and in getting
into and out of accounts.''
It is still unclear how the hackers got access to a password and
the system, Moore said.
But as a result of the breach, she said, officials are rethinking
the center's policy of being an open scientific research facility.
She said proposals are being considered to restrict the center's
computer system.
``A number of options are being considered and they range from
very mild to more severe,'' she said.
Moore said that most of the center's Internet services were
restored Tuesday after security measures were put in place and that
staff members were instructed to change their passwords.
The shutdown did not create any serious problems, although it
caused delays in many projects and denied researchers from all over
the world access to the center's Web site, Moore said.
Established in 1962, the Linear Accelerator Center is funded by
the Department of Energy and operated by Stanford University. With a
staff of about 1,300 and 2,000 researchers worldwide, the center
conducts basic research on atomic and subatomic physics. The center's
researchers use colliders to study matter at the atomic level.
``Mostly, we've lost time on experiments,'' Moore said. ``We do
not see that any data has been compromised. It's more of a setback
than a major disaster.''
But she said future break-ins will remain a problem for open
scientific facility. The center does not conduct any classified
research, she said.
``Computer hackers are very sophisticated in terms of their
knowledge and ease in traveling through cyberspace,'' she said.
``We're vulnerable. By being an open facility, we are a target for
vandals.''
Stephen Hansen, a Stanford University computer security officer,
said campus system break-ins average at least two a month.
A common tool used by hackers is a computer program dubbed ``the
sniffer,'' which allows intruders to decode data in a system,
specifically passwords and log-on names.
``Sniffers are quite dangerous,'' Hansen said. ``If they are not
caught right away, they can lead to break-ins to thousands of
accounts, not just locally, but across the Internet.''
To minimize such break-ins, he said, more system operators are
using encryption programs that prevent hackers from determining
sign-on names and passwords. However, this is not an easy option for
the Stanford center because encryption programs are prohibited in
some countries, including France, where a number of center-
affiliated researchers live.
