The Internet Corporation for Assigned Names and Numbers, the nonprofit organization that acts as a gatekeeper for the Internet’s IP addresses and domain names said that hackers tricked their way into its computers.
The U.S.-based organization said it is investigating a Spear Phishing attack; a malicious email that spoofed the ICANN domain targeting one person or a small group of individuals leading them to reveal their network credentials. According to ICANN, one of the first things hackers did was compromise the Centralized Zone Data System (CZDS).
It appeared that the attack was initiated in late November and was discovered a week later. Normally Spear Phishing attacks suggests people click on a link in the messages that take them to a bogus login page, wherein they type their usernames and passwords, giving hackers the keys to their work email accounts to reach deeper. No sign of two-factor authentication, then.
According to ICANN, user names and passwords were made use of to access a Centralized Zone Data System, where intruders took control of files about generic top-level domains as well as names, addresses, passwords and other valuable data about users.
The attackers were also said to have used contrived passwords to access an ICANN wiki page; its blog, and a Whois list of registered owners of web addresses. However, ICANN said the blog and Whois did not appear to have been tampered with, which offered no insight into who was responsible for the attack.
"Based on our investigation to date, we are not aware of any other systems that have been compromised, and we have confirmed that this attack does not impact any IANA-related systems, investigators said.
"Earlier this year, ICANN began a program of security enhancements in order to strengthen information security for all ICANN systems. We believe these enhancements helped limit the unauthorized access obtained in the attack. Since discovering the attack, we have implemented additional security measures," they added.
Late next year, ICANN is expected to break free of US oversight, to be handed over to an international consortium.
It was said in March that U.S. might not renew its contract with the Los Angeles-based agency, if in case a new oversight system was brought in place that ensures the Internet addressing structure is reliable. Next year, the agency intends to offer a new proposal on oversight to the US Department of Commerce.