Attackers Strike At The Most Crucial Point Of The Internet
Hackers have gone after the very infrastructure of the internet with a spear phishing attack on ICANN employees and gained access to a key administrative database as well as other digital assets.
ICANN has admitted that the attackers crafted the email messages to look as if they came from the organization’s domain. The attackers also managed to get access to the blog and the ICANN WHOIS information portal; however, it seems these systems were not affected.
The hackers who managed to get access to the systems of domain-name manager ICANN were not able to compromise a critical point of the internet, the IANA infrastructure, which manages the global DNS and allocates IP addresses.
ICANN has confirmed in a report that the attack did not impact any systems connected to IANA. The ICANN employees whose passwords were stolen did not have any permissions to access functions of the IANA systems.
They added that the IANA systems, which alter one of the most important points of the internet’s structure, are an entirely separate system with extra layers of security that have not been compromised.
ICANN, which has a contract from the US government to run the IANA systems, provides only obscure details on its security measures, saying just that it has multiple levels of protection implemented for its most important services. While hackers were able to compromise just the external layer of security systems, its most important services were not reached.
The fact that one of the crucial points of the internet’s core systems was not compromised does not mean that it is secure, and the incident raises important questions about the organization’s implemented security measures.
It is unknown what, and how many, extra security measures are built into the IANA systems. The spear phishing attack was aimed at icann.org email addresses, which employees also use for their email. That means questions over the security of their systems can be rather tricky to answer, as it seems they got lucky rather than being secure.
It is very important to educate employees and any other users to be suspicious and careful of links received via email. It takes a lot of training and work to increase any user's awareness.
Quiet on details
The huge lack of basic information on its security measures raises the question of whether any are implemented at all, or whether they are as complex and up to date as you would expect from an organization with such an important role over the internet.
We assume that, like any other VPN provider, NordVPN has implemented and utilizes additional security measures on our systems. We are now aware that ICANN does not do that for a number of its systems, and that is frightening.
Supposedly, the same is not true for the crucial IANA systems; however, employees' email does not have two-factor authentication, something that might worry a lot of us, since emails from ICANN to the US government can impact the crucial points of the internet.
Somehow the non-profit ICANN does not look like it wants to calm people’s minds. On the other hand, that might be its policy, as any information can be used by hackers to shape another attack.
Still, we here at NordVPN, providing a high-security and privacy service, would like to know that far more, and extremely sophisticated, security measures are implemented and used on such critical points of the internet.