Slashdot Mirror


Hackers Compromise ICANN, Access Zone File Data System

Trailrunner7 writes with this news from ThreatPost: "Unknown hackers were able to compromise vital systems belonging to ICANN, the organization that manages the global top-level domain system, and had access to the system that manages the files with data on resolving specific domain names. The attack apparently took place in November and ICANN officials discovered it earlier this month. The intrusion started with a spear phishing campaign that targeted ICANN staffers and the email credentials of several staff members were compromised. The attackers then were able to gain access to the Centralized Zone Data System, the system that allows people to manage zone files. The zone files contain quite a bit of valuable information, including domain names, the name server names associated with those domains and the IP addresses for the name servers. ICANN officials said they are notifying any users whose zone data might have been compromised." (Here's ICANN's public note on the compromise.)

3 of 110 comments

  1. Re:Some people better be out of a job... by TWX · Score: 4, Interesting

    And replace it with what, exactly?

    Seriously, how do you intend to manage all of the addressing, both the IP level and the human-readable level, without some form of central authority?

    --
    Do not look into laser with remaining eye.
  2. Re:fire them by omglolbah · Score: 5, Interesting

    We have a document control system at work, it has grown to such a degree that adding a document is a 3 day process involving a document controller and various other tasks. If the document does not fit a corporate template it may get rejected.

    At that point people tend to go "fuck it" and just send around work copies until it is finalized and THEN go through the hassle.

    It is unfortunate, but I've seen it happen in two different companies so far... both multinational, both ignoring their own procedures for sensitive data.

  3. Re: fire them by Anonymous Coward · Score: 2, Interesting

    No, the GP is correct. Our head accountant recently received an email from our "CEO" telling her to wire some money for services our CEO has used. The perpetrators had done their research, right down to the actual full name of our real CEO and person responsible for the finances. Replies were sent to the Return-Path: header that is not in our domain. Were it not for the difference in email address scheme (first initial, all last name @ domain vs. full first name @ domain) and our existing offline, verbal confirmation for wire transfers exceeding a certain amount, our accountant would not have caught it.

    This is conducted all in standard email. No attachments. No fancy HTML.