The ICANN Misfortune: What the Global Internet Authority Showed the World
The internet has turned the world into a community where people can communicate with others on the opposite side of the globe. People are now more up to date and aware of what is happening around the world. News and current events are no longer limited to newspaper print. People no longer have to rely on postcards and letters to update family and friends on their activities. Businesses no longer have to rely on physical offices to make transactions with clients. Brands are no longer limited to marketing their products and services to a specified market.
With such a vast and dynamic community, how can control and orderliness be implemented?
The Internet Corporation for Assigned Names and Numbers, better known as ICANN, is the closest thing the digital community has to governance. The organization was set up to impose regulation on the constantly moving environment that is the internet. It was established to keep legal issues to a bare minimum, especially when it comes to businesses.
Ironically, the internet authority suffered an attack which shook the global community into the realization that nothing and no one is exempt from vulnerability online.
To date, the attackers' identities are still unknown. But the criminals gained administrative access to a number of ICANN's systems, which the organization also confirmed.
How can a strictly protected establishment such as ICANN be cracked?
It appears that the hijackers utilized spear phishing, a kind of campaign that can zero in on sensitive systems. The ICANN-operated systems were compromised through spear phishing email messages mocked up to look as if they came from the internal communications of the organization. The affected parties were ICANN staff members. The link in the fake email message led the victims to a made-up login page where they were asked to key in their usernames and passwords. Entering the login information into the mocked login site is tantamount to handing the cyber criminals the keys to ICANN's work spaces.
With the details gathered from the information hijack, the attackers were successful in accessing different systems within ICANN. These include the CZDS, or Centralized Zone Data System; WHOIS, which is the domain registration portal; the ICANN blog; and even the ICANN wiki pages for the GAC, or Governmental Advisory Committee.
The Centralized Zone Data System is the service utilized by domain registries to request access to the DNS root zone files. It also includes sensitive information connected to the users' online accounts.
With this access, the attackers were able to get their hands on zone files and other personal information such as complete names, email addresses, postal addresses, phone numbers, fax numbers, usernames, and even the cryptographically hashed passwords of the users who utilize the system.
The zone files also hold other valuable data such as the domain names, the names of the name servers connected to those domains, and the IP address for each name server.
ICANN confirmed that the organization has not found any evidence that the Internet Assigned Numbers Authority, or IANA, systems have been compromised in any way.
The internet authority confirmed that it had implemented tighter security measures, which may have lessened the severity of the attack. However, the incident jolted the world into the realization that security online should not be taken lightly, as anyone is susceptible to such attacks.