Chinese hackers accused of trawling New Zealand supercomputer

The National Institute for Water and Atmospheric Research machine is used for weather forecasting but hackers could have seen it as a gateway to access sensitive Western intelligence.

The $12.7 million IBM-built machine is known as FitzRoy.

"We are . . . confident the intruder did not get beyond the supercomputer,” Niwa chief executive John Morgan said on 5/23.

Speculation on the hackers’ motive ranges from gleaning foreign intelligence through interconnected systems to reproducing an export-controlled supercomputer for cyberwar purposes.

No sensitive, personal or client information was held on the machine itself.

“The idea is that while cabinet minutes over ACC levies or the schematics for the NZ Defence Force battle tractors might be of limited utility to the Chinese state, ultimately hackers would hope to access the Five Eyes network, which sees Australia, Canada, NZ, the United Kingdom and the US cooperatively collect and share intelligence,” NBR reports.

Or it could be part of a more basic move to steal modeling software, which could then be altered to suit scenarios other than weather, security expert Paul Buchanan said. “They also might be interested in the location of weather buoys or accessing the links to weather satellites, both of which can be used for non-weather related purposes,” he said.

Daniel Ayers, a fraud investigator with private company Special Tactics, sees a military angle.

"Supercomputers produced by US companies are subject to ITAR (International Traffic in Arms Regulations). They are considered to be weapons and are therefore subject to strict export controls and rules of operation.  This is because of their immense processing power — in particular this could be used to mount a brute force attack on encryption.

"The culprit in this case might have been seeking to establish a ‘botnet’ of supercomputers to solve a particularly difficult problem - possibly cryptographic. Or they might have suspected that the machine had covert classified uses, and it may do."

ThreatWatch is a regularly updated catalog of data breaches successfully striking every sector of the globe, as reported by journalists, researchers and the victims themselves.