ICANN stung in phishing attack

By on
ICANN stung in phishing attack

Several systems compromised.

The Internet Corporation for Assigned Names and Numbers (ICANN) last month fell victim to a phishing attack that allowed attackers to gain administrative access to some of the organisation's systems.

ICANN - the US-based organisation in charge of running the domain name system (DNS) that translates internet protocol (IP) addresses into human-readable names -  late yesterday revealed the attack appeared to have been committed in late November.

Attackers sent phishing emails disguised as internal ICANN communications to staff members, and were successful in capturing the email credentials of several employees which were then used to compromise other systems.

One of the systems attackers were able to access was ICANN's centralised zone data service (CZDS), which is used by domain registries to request access to DNS root zone files.

As a result, user account details such as email addresses and passwords, as well as the zone files, were compromised.

ICANN said it stored passwords as salted cryptographic hashes, but it had deactivated all CZDS passwords regardless as a precaution. 

The organisation said it had not found any evidence that Internet Assigned Numbers Authority (IANA) systems - which manage unique names and numbers - had been compromised.

"Earlier this year, ICANN began a program of security enhancements in order to strengthen information security for all ICANN systems. We believe these enhancements helped limit the unauthorised access obtained in the attack. Since discovering the attack, we have implemented additional security measures," the organisation wrote in a blog.

"We are providing information about this incident publicly, not just because of our commitment to openness and transparency, but also because sharing of cybersecurity information helps all involved assess threats to their systems."

News of the compromise comes after the United States Congress passed an appropriations bill [pdf] last week stating the government cannot used the funds available under the Act to hand over control of ICANN during the 2015 fiscal year.

The US Government had been planning to transition its ownership of the organisation off to a private sector body.

The bill expires on September 30, 2015, meaning ICANN will now remain under control of the US Commerce department until at least October next year.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.

Most Read Articles

Log In

Username / Email:
  |  Forgot your password?