Athena break-in not solvedBy Irene Skricki
An unidentified perpetrator compromised the security of Project Athena late last semester, destroying the files of some student users before the intrusion was detected, according to Steven R. Lerman '72, director of Athena.
"Someone typed in a series of commands," Lerman said, "which essentially had the effect of creating a computer program which began systematically deleting files of users alphabetically by user name."
Athena administrators received messages on a hotline on Sunday, Oct. 20, from students reporting that their files on the Teela machine in the Student Center cluster were disappearing, he said. The student who took the calls notified an Athena staff member, who discovered the program in the process of deleting user files.
The staff member stopped the process and recorded a variety of log files; these logs kept a record of the state of the system, and changes made to it.
Lerman immediately started an investigation after learning of the incident. Athena staff questioned student consultants who had been in the Student Center cluster in an attempt to discover who was using the system at the time, but the consultants "couldn't reconstruct a list," Lerman said.
"We found out users who were logged in on nearby terminals," Lerman continued. "That's not information that's usually used for anything." The investigators contacted these users as well, to see if they could remember who was in the area. In addition, Lerman notified the Campus Police of the incident. The investigation has been unsuccessful so far.
Most of the lost student files were recovered. Project Athena keeps backup tapes that are generally stored every 24 hours, he said. Only information that was changed after the last backup tape was lost.
Only a small number of people have access to the root password, which is necessary to gain access to secure areas of the Athena system, according to Lerman. "Unfortunately there are a fair number of people who need to know the password to fix things." Students are occasionally given access to the password, he said. "It's very difficult to make major contributions to certain areas without having special privileges," Lerman stated.
"Unix [Athena's operating system] has the unfortunate property that it's an all-or-nothing proposition. Either you have root privileges or you don't," Lerman explained. Other operating systems have more than one level of access.
In response to the incident, Project Athena has begun to change the root passwords more frequently. "There isn't much one can do and still be compatible with how we want to operate the system," Lerman said. There has been no recurrence of the incident.
Athena staff encourage students to make backups of their files on floppy disks; personal computers are provided in the Student Center for that purpose. Athena plans to expand the number of available personal computers. "People have to take more responsibility for their own data," Lerman said.
If the person responsible is found, MIT will prosecute because tampering with electronic data is a serious crime in Massachusetts, he claimed. "I think that within the MIT community it is viewed as very serious because it was just malicious. It wasn't a hack in the sense that it was funny. A Fiat in Lobby 10 -- that's funny. This was not funny.
"As more and more information accumulates electronically as opposed to other forms, the destruction of it becomes an increasingly important issue," Lerman said.