ICANN hit by Spear Phishing attack, several systems compromised

Guy Fawkers Mask

It appeared that the attack was initiated in late November and was discovered a week later.

The Internet Corporation for Assigned Names and Numbers, the nonprofit organization that acts as a gatekeeper for the Internet’s IP addresses and domain names said that hackers tricked their way into its computers.

The U.S.-based organization said it is investigating a Spear Phishing attack; a malicious email that spoofed the ICANN domain targeting one person or a small group of individuals leading them to reveal their network credentials. According to ICANN, one of the first things hackers did was compromise the Centralized Zone Data System (CZDS).

It appeared that the attack was initiated in late November and was discovered a week later. Normally Spear Phishing attacks suggests people click on a link in the messages that take them to a bogus login page, wherein they type their usernames and passwords, giving hackers the keys to their work email accounts to reach deeper. No sign of two-factor authentication, then.

According to ICANN, user names and passwords were made use of to access a Centralized Zone Data System, where intruders took control of files about generic top-level domains as well as names, addresses, passwords and other valuable data about users.

The attackers were also said to have used contrived passwords to access an ICANN wiki page; its blog, and a Whois list of registered owners of web addresses. However, ICANN said the blog and Whois did not appear to have been tampered with, which offered no insight into who was responsible for the attack.

“Based on our investigation to date, we are not aware of any other systems that have been compromised, and we have confirmed that this attack does not impact any IANA-related systems, investigators said.

“Earlier this year, ICANN began a program of security enhancements in order to strengthen information security for all ICANN systems. We believe these enhancements helped limit the unauthorized access obtained in the attack. Since discovering the attack, we have implemented additional security measures,” they added.

Late next year, ICANN is expected to break free of US oversight, to be handed over to an international consortium.

It was said in March that U.S. might not renew its contract with the Los Angeles-based agency, if in case a new oversight system was brought in place that ensures the Internet addressing structure is reliable. Next year, the agency intends to offer a new proposal on oversight to the US Department of Commerce.

 

Carrie Ann
Carrie Ann is Editor-in-Chief at Industry Leaders Magazine, based in Las Vegas. Carrie covers technology, trends, marketing, brands, productivity, and leadership. When she isn’t writing she prefers reading. She loves reading books and articles on business, economics, corporate law, luxury products, artificial intelligence, and latest technology. She’s keen on political discussions and shares an undying passion for gadgets. Follow Carrie Ann on Twitter, Facebook

Recent Posts

Supply chain crisis bad news for automotive industry leaders

Supply chain crisis bad news for automotive industry leaders

The world’s biggest car companies are on track to lose production of 7.7 million vehicles in 2021. The forecast advices automakers on supply chain and other issues.
2 days ago
Scammers dupe Apple fans with free bitcoin lure

Scammers dupe Apple fans with free bitcoin lure

Savvy scammers used a fake event stream, a fake Apple website, and the promise of free bitcoin to lure fans into opening up their wallets.
3 days ago
Japan’s MUFG offloads Union Bank to U.S. Bancorp for $7.3 billion

Japan’s MUFG offloads Union Bank to U.S. Bancorp for $7.3 billion

The total amount of cash to be received as part of MUFG Union Bank’s sale to Bancorp is $7.3 billion (800 billion yen).
4 days ago
Evergrande: A black swan event that could spook markets

Evergrande: A black swan event that could spook markets

EverGrande is now known as the “world’s most indebted property developer” and serves as a symbol of corporate excess.
5 days ago
Moderna vaccine more effective than Pfizer, study says

Moderna vaccine more effective than Pfizer, study says

Moderna’s Covid-19 vaccine does a slightly better job of preventing coronavirus-related hospitalizations and emergency department visits.
7 days ago
iPhone 13 and iPhone 13 Pro: Specifications, Release Date, Features and much more

iPhone 13 and iPhone 13 Pro: Specifications, Release Date, Features and much more

Apple iPhone 13 Pro and iPhone 13 Pro Max can be a hit with its ever new technology A15 Bionic chip and other cool profound features.
1 week ago