Red Teams collecting organization charts

Mark Leininger, Fermilab's computer security manager, wrote this column.

The Department of Energy's Red Teams, groups of cyber security experts who work to test the cyber security at national laboratories, are on site.

There is evidence Red Teams are downloading organization charts from laboratory Web servers. Organization charts can provide useful information that Red Teams can use to launch social engineering and phishing attacks. For example, you may receive e-mail that appears to come from your supervisor with copies to other group members. This is done to make the e-mail appear authentic so that you will open attachments or click on links. Follow your intuition when you get e-mail that doesn't feel right, either because it contains unexpected subject matter or uses uncharacteristic writing style.

This kind of attack is especially difficult to detect in our environment because large groups of collaborators work together to share research information and may not know each other well enough to detect subtle changes in e-mail.

Below are actions to take if you question the authenticity of an e-mail. If you know the sender, contact them and ask if they sent you the e-mail. If the message is believable, but you don't know the sender, don't reply to the sender. If you recognize anyone on the cc: list, contact them to see if they can increase your confidence in the e-mail's authenticity. If you become convinced that a message is not authentic, please report it to the computer security team either by calling x2345 or e-mailing computer_security@fnal.gov. Do not forward the the suspect e-mail until you receive instructions on how to handle it. Note that although spam e-mails are a nuisance, they are not computer security incidents. Don't reply to spam, open spam attachments or click on links in spam e-mails.

It is safest to read e-mail as text only and turn off image display options. Your machine can get infected by reading an e-mail in html mode, particularly if images are displayed. Avoid sending e-mail in html format. This can tempt recipients to turn on html to view the formatting in your message. If you have a document that requires formatting, either send a link to the document or send it as an attachment.

Please be particularly alert during the next few weeks.

Supercomputing 08

Computing Division employee Dave Ritchie walks attendees through the spiral at the Fermilab booth at SC08, an annual supercomputing conference. The spiral displays computing history at Fermilab since the beginning of the laboratory. Images courtesy of John Urish.

Texas Tech University strong Fermilab collaborator

Texas Tech PhD students Youn Roh and Chiyoung Jeong

We regret that Texas Tech University was left off of the "Fermilab Connection" map that ran with the article "Universities, Fermilab both benefit from collaboration" on Thursday, Nov. 20.

Texas Tech has been a member of the Universities Research Association, one of Fermilab's management organizations, since its inception in 1967.

Texas Tech PhD students Youn Roh and Chiyoung Jeong are currently working at the LHC Physics Center at Fermilab.

Standard model gets right answer for proton, neutron masses

From Science News, Nov. 20, 2008

Correct calculation strengthens theory of quark-gluon interactions in nuclear particles

When it comes to weighty matters, quarks and gluons rule the universe, a new study confirms.

One of the largest computational efforts to calculate the masses of protons and neutrons shows that the standard model of particle physics predicts those masses with an uncertainty of less than 4 percent.

Read more