ICANN, the Internet Corporation for Assigned Names and Numbers has issued a press release detailing the brief theft of its own domain names. ICANN is the organization which is charged with regulating the use of domain names among other things. Having its own domain names stolen is comparable to a store that sells security equipment being robbed.
On June 26 the domain names icann.com and iana.com were temporarily taken over. The attack allowed for the perpetrators to direct those websites to whatever location they wanted. ICANN claims that the incident only lasted for 20 minutes before being fixed. However, it may take up to two days for all internet directories to be updated and have the sites back to normal.
The attack used a combination of technical knowledge and social engineering. It was directed at the domain name registrar which ICANN uses. ICANN claims to have since implemented security measures to prevent this from occurring in the future.
In another unrelated incident, ICANN's official blog was attacked using a recent exploit in the blogging software Wordpress. This attack is believed to have been automated and not done with any motivation regarding ICANN itself. The effects were limited to the blog being taken offline for a short while while updates and repairs took place.
On June 26 the domain names icann.com and iana.com were temporarily taken over. The attack allowed for the perpetrators to direct those websites to whatever location they wanted. ICANN claims that the incident only lasted for 20 minutes before being fixed. However, it may take up to two days for all internet directories to be updated and have the sites back to normal.
The attack used a combination of technical knowledge and social engineering. It was directed at the domain name registrar which ICANN uses. ICANN claims to have since implemented security measures to prevent this from occurring in the future.
In another unrelated incident, ICANN's official blog was attacked using a recent exploit in the blogging software Wordpress. This attack is believed to have been automated and not done with any motivation regarding ICANN itself. The effects were limited to the blog being taken offline for a short while while updates and repairs took place.
|
|