Internet Backbone ICANN Hacked in Phishing Incident

By Peter R - 19 Dec '14 13:01PM

Internet's managers, Internet Corporation for Assigned Names and Numbers (ICANN) succumbed to a phishing attack when some employees of the organization accessed malicious mails.

According to BBC, employees were tricked into accessing mails which appeared to be sent from official email ids of other employees. Through the malicious mails, hackers gathered login and password credentials of people who supervise some of the top domains on the internet. The attack reportedly took place in late November and was discovered a week later.

"We believe a "spear phishing" attack was initiated in late November 2014. It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff. The attack resulted in the compromise of the email credentials of several ICANN staff members," ICANN said in an announcement.

ICANN keeps the system of addresses working on the internet ensuring data is effectively routed between source and destination.

Tech Times reported following comprise of credentials, hackers gained access to the sensitive Centralized Zone Data System (CZDS).

"The attacker obtained administrative access to all files in the CZDS. This included copies of the zone files in the system, as well as information entered by users such as name, postal address, email address, fax and telephone numbers, username, and password," ICANN said.

The organization said it had deactivated all CZDS passwords as precaution though passwords that were obtained through the hack were encrypted. The organization said no other systems were compromised and additional measures have been implemented to strengthen security.

Fun Stuff

The Next Read

Real Time Analytics