ICANN hit by Spear Phishing attack, several systems compromised

Guy Fawkers Mask

It appeared that the attack was initiated in late November and was discovered a week later.

The Internet Corporation for Assigned Names and Numbers, the nonprofit organization that acts as a gatekeeper for the Internet’s IP addresses and domain names said that hackers tricked their way into its computers.

The U.S.-based organization said it is investigating a Spear Phishing attack; a malicious email that spoofed the ICANN domain targeting one person or a small group of individuals leading them to reveal their network credentials. According to ICANN, one of the first things hackers did was compromise the Centralized Zone Data System (CZDS).

It appeared that the attack was initiated in late November and was discovered a week later. Normally Spear Phishing attacks suggests people click on a link in the messages that take them to a bogus login page, wherein they type their usernames and passwords, giving hackers the keys to their work email accounts to reach deeper. No sign of two-factor authentication, then.

According to ICANN, user names and passwords were made use of to access a Centralized Zone Data System, where intruders took control of files about generic top-level domains as well as names, addresses, passwords and other valuable data about users.

The attackers were also said to have used contrived passwords to access an ICANN wiki page; its blog, and a Whois list of registered owners of web addresses. However, ICANN said the blog and Whois did not appear to have been tampered with, which offered no insight into who was responsible for the attack.

“Based on our investigation to date, we are not aware of any other systems that have been compromised, and we have confirmed that this attack does not impact any IANA-related systems, investigators said.

“Earlier this year, ICANN began a program of security enhancements in order to strengthen information security for all ICANN systems. We believe these enhancements helped limit the unauthorized access obtained in the attack. Since discovering the attack, we have implemented additional security measures,” they added.

Late next year, ICANN is expected to break free of US oversight, to be handed over to an international consortium.

It was said in March that U.S. might not renew its contract with the Los Angeles-based agency, if in case a new oversight system was brought in place that ensures the Internet addressing structure is reliable. Next year, the agency intends to offer a new proposal on oversight to the US Department of Commerce.

 

Avatar
Carrie Ann
Carrie Ann is Editor-in-Chief at Industry Leaders Magazine, based in Las Vegas. Carrie covers technology, trends, marketing, brands, productivity, and leadership. When she isn’t writing she prefers reading. She loves reading books and articles on business, economics, corporate law, luxury products, artificial intelligence, and latest technology. She’s keen on political discussions and shares an undying passion for gadgets. Follow Carrie Ann on Twitter, Facebook

Recent Posts

Self-Driving Cars: Meet the Industry Leaders & Laggards

Self-Driving Cars: Meet the Industry Leaders & Laggards

Much like the flying car, the self-driving car has appeared frequently in sci-fi movies and TV shows. Who could forget Bruce Wayne’s favor...
9 hours ago
EU’s Data Protection act inadequate to meet new world tech need, says policy drafter

EU’s Data Protection act inadequate to meet new world tech need, says policy drafter

Europe’s data protection laws under the General Data Protection Regulation need to be revised to meet the post-pandemic world’s ...
13 hours ago
Volvo Cars’ path to an all-electric future just got bigger, bolder and better

Volvo Cars’ path to an all-electric future just got bigger, bolder and better

Volvo Cars will stop producing gas and diesel cars over the next 9 years, replacing the fleet with all-electric cars. ...
2 days ago
Gamestop Share Volatility May Return With Russell Index Readjustment

Gamestop Share Volatility May Return With Russell Index Readjustment

The addition or deletion of stocks to stock market indexes can lead to havoc in the trading world. There is speculation about the GameStop s...
2 days ago
Reduce, Reuse, Recycle: 5 Carbon Capture & Storage Startups Saving the World!

Reduce, Reuse, Recycle: 5 Carbon Capture & Storage Startups Saving the World!

From capturing and reducing carbon dioxide to creating negative emissions, we’ve found the five carbon capture and storage startups pu...
2 days ago
Walmart poaches Goldman honchos to run financial arm Ribbit Capital

Walmart poaches Goldman honchos to run financial arm Ribbit Capital

Walmart Inc. has lured two Goldman Sachs top executives to run its fintech startup floated in conjunction with Ribbit Capital. Omer Ismail, ...
3 days ago