Global Internet Authority ICANN Has Been Hacked

Internet Authority ICANN Has Been Hacked

The Internet Corporation for Assigned Names and Numbers (ICANN) has been hacked by unknown attackers that allowed them to gain administrative access to some of the organization’s systems, the organization confirmed.

The attackers used “spear phishing” campaign to target sensitive systems operated by ICANN and sent spoofed emails disguised as internal ICANN communications to its staff members. The link in the emails took the staff to bogus login page, where they provided their usernames and passwords with the keys to their work email accounts.

The data breach began in late November 2014 and was discovered a week later, ICANN, which oversees the Internet’s address system, said in a release published Tuesday. ICANN is the organization that manages the global top-level domain system.

“We believe a ‘spear phishing’ attack was initiated in late November 2014,” Tuesday’s press release stated. “It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff. The attack resulted in the compromise of the email credentials of several ICANN staff members.”

With those details, the hackers then successfully managed to access a number of systems within ICANN, including the Centralized Zone Data System (CZDS), the wiki pages of the ICANN Governmental Advisory Committee (GAC), the domain registration Whois portal, and the ICANN blog.

The CZDS is a service used by domain registries and other interested parties to request access to the DNS root zone files and sensitive data associated with users’ online accounts. This provided hackers access to zone files and sensitive information such as names, postal addresses, email addresses, fax and phone numbers, usernames and cryptographically hashed passwords of account holders who used those systems.

The zone files contain sensitive and valuable information, including domain names, the name server names associated with those domains and the IP addresses for the name servers.

In an email sent to every CZDS user, ICANN has warned that “the attacker obtained administrative access to all files in the CZDS including copies of the zone files in the system. The information you provided as a CZDS user might have been downloaded by the attacker. This may have included your name, postal address, email address, fax and telephone numbers, and your username and password.”

via Global Internet Authority ICANN Has Been Hacked – Hacker News.

No Comments so far.

Leave a Reply