FAQ (incident 15 May 2020)
Contents
- 1 I have stored files in my personal scratch directory ($SCRATCH). Will the regular purge of personal scratch directories continue while the clusters are closed?
- 2 Are batch jobs affected by the closure of the clusters?
- 3 I have a paper deadline and urgently need to access data on the clusters that I don't have stored locally. When will access to data on the cluster be possible?
- 4 HPC resources are critical for our research. When will it again be possible to compute on the HPC clusters of ETH?
- 5 Do you know how Euler and Leonhard have been compromised?
- 6 Have my data been accessed, copied or modified?
- 7 What measures have been put in place to prevent similar events in the future?
I have stored files in my personal scratch directory ($SCRATCH). Will the regular purge of personal scratch directories continue while the clusters are closed?
Purging of the personal scratch directories has been suspended while the clusters are closed.
Are batch jobs affected by the closure of the clusters?
The compute nodes are being drained for reinstallation. All queues have been inactivated. Jobs that were running when the cluster was closed will complete normally, with the possible exception of some very long jobs, which will need to be terminated. New jobs will not be started. Pending jobs will remain in the queue until the cluster is back in operation.
I have a paper deadline and urgently need to access data on the clusters that I don't have stored locally. When will access to data on the cluster be possible?
Our first priority (Plan A) is to bring the clusters back online as quickly as possible. Euler is still closed. Leonhard is partially open (data access only; no computation) while we reinstall it.
HPC resources are critical for our research. When will it again be possible to compute on the HPC clusters of ETH?
We are fully aware of this and are working around the clock (literally!) to bring you a clean and safe working environment as quickly as possible. Based on current progress, we estimate that Euler will be reopened around 27 May. Leonhard will follow about a week later. In the meantime, a temporary solution has been put in place to access Leonhard's storage systems.
Do you know how Euler and Leonhard have been compromised?
The attacker apparently gained access through a compromised user account. The details are still being investigated.
Have my data been accessed, copied or modified?
The investigation is ongoing. So far, there is no indication that user data have been tampered with. This is not a ransomware attack.
What measures have been put in place to prevent similar events in the future?
Security starts with you. You must protect your account (strong password, SSH keys protected by a passphrase, etc.) so that no one but you can use it. We are also taking additional measures to protect the system. For obvious reasons, we cannot disclose the details publicly.
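As an illustration of the "SSH keys protected by passphrase" advice, the following is a minimal Python sketch that reports whether a private key file is passphrase-protected. It is not an official tool of the cluster team. The function name `is_passphrase_protected` is hypothetical, and the check assumes the key is either in the current OpenSSH private key format (where the cipher name follows the `openssh-key-v1` magic string) or in a PEM format that marks encryption in its header lines.

```python
import base64
import struct

# Magic string at the start of a decoded OpenSSH-format private key.
OPENSSH_MAGIC = b"openssh-key-v1\x00"


def is_passphrase_protected(key_text: str) -> bool:
    """Return True if the private key text appears to be encrypted.

    Hypothetical helper for illustration; it inspects only the key's
    header fields and never needs the passphrase itself.
    """
    lines = [ln.strip() for ln in key_text.strip().splitlines()]
    if not lines or not lines[0].startswith("-----BEGIN "):
        raise ValueError("not a PEM-style private key")
    header = lines[0]

    if header == "-----BEGIN OPENSSH PRIVATE KEY-----":
        # Decode the body and read the first length-prefixed field,
        # which holds the cipher name ("none" means unencrypted).
        blob = base64.b64decode("".join(lines[1:-1]))
        if not blob.startswith(OPENSSH_MAGIC):
            raise ValueError("unexpected OpenSSH key header")
        offset = len(OPENSSH_MAGIC)
        if len(blob) < offset + 4:
            raise ValueError("truncated OpenSSH key")
        (length,) = struct.unpack_from(">I", blob, offset)
        cipher = blob[offset + 4 : offset + 4 + length]
        return cipher != b"none"

    if header == "-----BEGIN ENCRYPTED PRIVATE KEY-----":
        # PKCS#8 keys announce encryption in the PEM label itself.
        return True

    # Legacy PEM keys (RSA/DSA/EC) carry a "Proc-Type: 4,ENCRYPTED" line.
    return any(
        ln.startswith("Proc-Type:") and "ENCRYPTED" in ln for ln in lines[1:4]
    )
```

To check one of your own keys, read the file as text (for example `pathlib.Path("~/.ssh/id_ed25519").expanduser().read_text()`, where the file name is only an example) and pass the result to the function. If it returns `False`, a passphrase can be added to the existing key with `ssh-keygen -p -f <keyfile>`.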