ICANN hit by Spear Phishing attack, several systems compromised

Guy Fawkers Mask

It appeared that the attack was initiated in late November and was discovered a week later.

The Internet Corporation for Assigned Names and Numbers, the nonprofit organization that acts as a gatekeeper for the Internet’s IP addresses and domain names said that hackers tricked their way into its computers.

The U.S.-based organization said it is investigating a Spear Phishing attack; a malicious email that spoofed the ICANN domain targeting one person or a small group of individuals leading them to reveal their network credentials. According to ICANN, one of the first things hackers did was compromise the Centralized Zone Data System (CZDS).

It appeared that the attack was initiated in late November and was discovered a week later. Normally Spear Phishing attacks suggests people click on a link in the messages that take them to a bogus login page, wherein they type their usernames and passwords, giving hackers the keys to their work email accounts to reach deeper. No sign of two-factor authentication, then.

According to ICANN, user names and passwords were made use of to access a Centralized Zone Data System, where intruders took control of files about generic top-level domains as well as names, addresses, passwords and other valuable data about users.

The attackers were also said to have used contrived passwords to access an ICANN wiki page; its blog, and a Whois list of registered owners of web addresses. However, ICANN said the blog and Whois did not appear to have been tampered with, which offered no insight into who was responsible for the attack.

“Based on our investigation to date, we are not aware of any other systems that have been compromised, and we have confirmed that this attack does not impact any IANA-related systems, investigators said.

“Earlier this year, ICANN began a program of security enhancements in order to strengthen information security for all ICANN systems. We believe these enhancements helped limit the unauthorized access obtained in the attack. Since discovering the attack, we have implemented additional security measures,” they added.

Late next year, ICANN is expected to break free of US oversight, to be handed over to an international consortium.

It was said in March that U.S. might not renew its contract with the Los Angeles-based agency, if in case a new oversight system was brought in place that ensures the Internet addressing structure is reliable. Next year, the agency intends to offer a new proposal on oversight to the US Department of Commerce.

 

Carrie Ann
Carrie Ann is Editor-in-Chief at Industry Leaders Magazine, based in Las Vegas. Carrie covers technology, trends, marketing, brands, productivity, and leadership. When she isn’t writing she prefers reading. She loves reading books and articles on business, economics, corporate law, luxury products, artificial intelligence, and latest technology. She’s keen on political discussions and shares an undying passion for gadgets. Follow Carrie Ann on Twitter, Facebook

Recent Posts

US Space Force allows repurposed SpaceX rocket to launch GPS satellite

US Space Force allows repurposed SpaceX rocket to launch GPS satellite

A GPS navigation satellite built by Lockheed Martin is set to ride a reused SpaceX booster on a launch from Cape Canaveral, Florida, Thursday. It will be the first time a military
5 hours ago
Disney boss says 40 pc ad revenue went to streaming sites, no plans of ad supported Disney+

Disney boss says 40 pc ad revenue went to streaming sites, no plans of ad supported Disney+

Walt Disney CEO Bob Chapel says the company’s advertising revenue for the upcoming fall television season was strong and went up by “double-digits” compared to 2019.
2 days ago
BlackRock ETFs breach $3 trillion mark in May

BlackRock ETFs breach $3 trillion mark in May

BlackRocks’ exchange-traded fund crossed $3 trillion for the first time in May, in sync with the ETF industry’s race to an all-time high of $9 trillion.
2 days ago
Flagship Pioneering, investor in Moderna raises $3.4 billion funds

Flagship Pioneering, investor in Moderna raises $3.4 billion funds

Flagship Pioneering, the bioplatform company, and the venture capital investor in Moderna, today announced that it had raised additional funding of $2.23 billion, which brings its
3 days ago
United to recall furloughed employees as travel recovers

United to recall furloughed employees as travel recovers

The fading of the pandemic and the rollout of vaccines has brought in some good cheer for the floundering air travel industry. More countries have opened up for business and are al
4 days ago
UK’s Sanne agrees to consider Cinven bid

UK’s Sanne agrees to consider Cinven bid

Sanne, a UK fund administration business that provides alternative asset and corporate services, has agreed to hold talks with private equity firm Cinven over a potential £1.4bn t
4 days ago