Computer security: Room at the top – CERN

By Computer Security team
What do “Daniela.Wick@cern.ch”, “Kris.Avandal@cern.ch”, “Magnus.Fallbaum@cern.ch”, “Petra.Kosmanen@cern.ch”, “Ron.Waitmal@cern.ch” and “Stephanie.Porasky@cern.ch” have in common? No, they aren’t members of the personnel even if they pretend to have a CERN email address and their names sound similar to those of some of our colleagues in the CERN Computer Security team. No, they have no business with CERN at all, even if their email messages claim otherwise. And no, they are not trustworthy, as they tried to steal your password. Welcome to the annual clicking campaign, revised.
22 731 emails were sent out on 1 August purporting to come from one of the made-up email addresses above, presenting you with an important message on your “New voicemail from +41792231243” or the “Update on your invoice”, concerning your “Office 365™ Subscription” or your “Signed contract”, asking you for “Action Required”, or just sending you the latest “COVID 2022 Report”. 22 731 emails, one to each CERN email address assigned to a member of the personnel owning a CERN mailbox. Each email tried to lure you into clicking on the embedded link, which, if clicked, presented you with a login page ready to accept your username and, for those who made it that far, asking for your CERN password… For those who took that last step, BOOM! Not only did you put your device and your digital life at risk when clicking on the initial link, but by handing over your CERN password to a malicious website you opened the door to fraud and sabotage. Once again, remember the mantra “STOP – THINK – DON’T CLICK” before opening attachments or unsolicited links – they might bring nasty surprises. And remember that your password is yours and yours alone and should only ever be entered into CERN’s old and new single sign-on (SSO) pages. Anything else could wreak havoc – on CERN’s operations, finances and reputation.
But not this time, fortunately, as the emails were part of our annual campaign on cybersecurity risks and the dangers of (sophisticated or not) unsolicited emails. Still, the reaping was sadly fruitful. More than 1800 people clicked and fell into the trap by entering their username in the fake SSO page and trying to enter their password, too. 1800 accounts. If that had been a real attack, they would now be in the hands of an attacker. 1800 accounts available to spam the world through CERN’s email system, abusing CERN’s computer centre for cryptocurrency mining, downloading costly journals and scientific papers from CERN’s digital library, extracting (confidential!) data or documents from our storage systems, stealing money from the CERN treasury or sabotaging the operations of CERN’s accelerators or experiments. There is still room for improvement. There is still some room at the top.
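As an added illustration, not code from the CERN Computer Security team, here is a small Python triage routine that applies the red flags described above to constructed sample emails: a sender claiming a cern.ch address whose link leads somewhere else, a link that looks like a login page on an untrusted host, and a subject matching one of the campaign's lure phrases. The trusted-domain list and the sample messages are assumptions made for the example.

```python
import re
from urllib.parse import urlparse

# Assumption, not stated in the article: a CERN login page may only live under cern.ch.
TRUSTED_LOGIN_DOMAINS = ("cern.ch",)
# Lure subjects the article reports from the campaign, as case-insensitive patterns.
LURE_PATTERNS = [r"new voicemail", r"update on your invoice", r"office 365",
                 r"signed contract", r"action required", r"covid .*report"]
URL_RE = re.compile(r"https?://[^\s<>\"']+")

def sender_domain(from_header):
    """Domain part of the address in a From: header, lower-cased."""
    match = re.search(r"<([^>]+)>", from_header)
    address = match.group(1) if match else from_header.strip()
    return address.rsplit("@", 1)[-1].lower()

def is_trusted(host):
    """True if host is a trusted domain or a subdomain of one."""
    host = host.lower()
    return any(host == d or host.endswith("." + d) for d in TRUSTED_LOGIN_DOMAINS)

def triage(msg):
    """Return the reasons a message looks like a credential-phishing lure ([] if none)."""
    reasons = []
    if any(re.search(p, msg["subject"], re.I) for p in LURE_PATTERNS):
        reasons.append("subject matches a known lure phrase")
    claims_cern = sender_domain(msg["from"]) == "cern.ch"
    for url in URL_RE.findall(msg["body"]):
        host = urlparse(url).hostname or ""
        if claims_cern and not is_trusted(host):
            reasons.append(f"sender claims cern.ch but link goes to {host}")
        if re.search(r"login|signin|sso", url, re.I) and not is_trusted(host):
            reasons.append(f"login-looking page on untrusted host {host}")
    return reasons

# Constructed sample messages, not the campaign's real emails.
SAMPLES = [
    {"from": "Petra Kosmanen <Petra.Kosmanen@cern.ch>",
     "subject": "New voicemail waiting for you",
     "body": "Listen here: http://voicemail-portal.example/sso/login?u=you"},
    {"from": "A Colleague <colleague@cern.ch>",
     "subject": "Minutes of today's meeting",
     "body": "Slides at https://example.cern.ch/meeting/123"},
]
```

Running `triage` over `SAMPLES` flags the first message on all three counts and leaves the second one clean.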
Hence, look out for these things:
And, finally, the silver bullet against account abuse. Complement your password by protecting your account with a so-called second factor: your mobile phone or a hardware token. When logging in (about twice per day), you would be asked as usual for your password but also for this second factor: a simple number generated by a smartphone app or hardware token. This two-factor authentication (2FA) is the silver bullet for account protection, as the attacker now needs not only to phish your password by the aforementioned means, but also to steal your smartphone (or hardware token) – and we all always know where our smartphone is, don’t we? So, give it a try and check out how to obtain and manage 2FA here.
In short, please help us reach the top. Enable 2FA for your account, remember STOP – THINK – DON’T CLICK and check for malicious emails using the following tips:
Do you want to learn more about computer security incidents and issues at CERN? Follow our Monthly Report. For further information, questions or help, check our website or contact us at Computer.Security@cern.ch.