The nonprofit organization that looks after internet names and domains
has been hit by a spear-phishing attack that has compromised company
data, reports The Register.
ICANN – or the Internet Corporation for Assigned Names and Numbers – revealed the breach in a statement on its website this week.
It appears that the attacks began last month and seemed to originate
from ICANN servers in order to fool the targeted employees. “The attack
resulted in the compromise of the email credentials of several ICANN
staff members,” the organization explained.
The details were then used to access systems within ICANN, including
the Centralized Zone Data System, the Whois portal, the organization’s
blog and the Governmental Advisory Committee’s wiki. The latter of these
contains private employee details, as well as giving those with access a
view of the zone files of the world’s generic top-level domains.
Although nobody can alter the files within the system, hackers would
have managed to access information on who is registered within the
system, with data such as names, postal addresses, email addresses,
usernames and passwords.
“Although the passwords were stored as salted cryptographic hashes,
we have deactivated all CZDS passwords as a precaution,” the statement
explained. The organization is also “providing notices” to all CZDS
users whose personal information could be under threat.
PC Mag speculates that the nature of the statement suggests that employees will have
clicked on questionable links within legitimate-looking emails, or
downloaded attachments. In any case, ICANN has promised more precautions
in future, stating that “since discovering the attack, we have
implemented additional security measures.”
“We are providing information about this incident publicly, not just
because of our commitment to openness and transparency, but also because
sharing of cybersecurity information helps all involved assess threats
to their systems,” the statement concluded.