Feeds

Wrecking CRU: hackers cause massive climate data breach

Secretive scientists' source code goes walkabout

SANS - Survey on application security programs

The University of East Anglia has confirmed that a data breach has put a large quantity of emails and other documents from staff at its Climate Research Unit online. CRU is one of the three leading climate research centres in the UK, and a globally acknowledged authority on temperature reconstructions.

CRU declined to say whether it would attempt to halt the data breach. In a statement a spokesman told us:

We are aware that information from a server used for research information in one area of the university has been made available on public websites. Because of the volume of this information we cannot currently confirm that all of this material is genuine.

A 61MB ZIP file was posted on a Russian FTP server late last night, local time. It contains over a thousand emails, and around three thousand other items including source code and data files. Emails are peppered with disparaging remarks and a crude cartoon of sceptical scientists is also included in the archive - suggesting the hacker roamed wide across the University's servers.

A spokesman confirmed there had been a hack, and that staff documents had been published, but declined to say whether the University would be seeking to halt further dissemination of the data.

This information has been obtained and published without our permission and we took immediate action to remove the server in question from operation. We are undertaking a thorough internal investigation and we have involved the police in this enquiry.

CRU has been the centre of controversy for its roles in creating global temperature reconstructions, and maintaining the archive of temperature data. Recent temperature reconstructions characterise post 1980 temperatures as unprecedentedly warm, and downplay historical periods of warm weather. This is the so called "Hockey Stick" controversy, and many (but far from all) of these reconstructions involve key CRU staff.

In August, Phil Jones admitted CRU had failed to keep the raw data, which would permit outside parties to create their own temperature reconstructions. More recently, CRU dendroclimatologist Keith Briffa defended his sampling methodology which saw the inclusion of one tree core from the Yamal Peninsula create a Hockey Stick shaped graph, dubbed the "hottest tree in the world".

The documents also appear to highlight a chummy relationship between sympathetic journalists - particularly the New York Times Andrew Revkin - and activist scientists.

They're being discussed at Steve McIntyre's Climate Audit here - but there's no reaction yet at the blog frequented by the participants of "Hockey Team", as they have styled themselves, RealClimate.

It would be premature to comment further on the contents of the archive without establishing its authenticity. Some emails contain curious idioms and spelling - but perhaps that's what years of dendroclimatology do to the brain.

®

Top three mobile application threats

More from The Register

next story
Fancy joining Reg hack on quid-a-day challenge?
Recruiting now for charity starvation diet
Red-faced LOHAN team 'fesses up in blown SPEARS fuse fiasco
Standing in the corner, big pointy 'D' hats
KILLER SPONGES menacing California coastline
Surfers are safe, crustaceans less so
LOHAN's Punch and Judy show relaunches Thursday
Weather looking good for second pop at test flights
Discovery time for 200m WONDER MATERIALS shaved from 4 MILLENNIA... to 4 years
Alloy, Alloy: Boffins in speed-classification breakthrough
Curiosity finds not-very-Australian-shaped rock on Mars
File under 'messianic pastries' and move on, people
Elon Musk's LEAKY THRUSTER gas stalls Space Station supply run
Helium seeps from Falcon 9 first stage, delays new legs for NASA robonaut
Top Secret US payload launched into space successfully
Clandestine NRO spacecraft sets off on its unknown mission
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.