Hackers Threaten Major Online Infrastructure Attacks, Say Experts
“There have been targeted attacks in the past, but nothing like this.”
Tuesday 12th March 2019
Integral parts of the online infrastructure face a major attack that threatens the worldwide system of web traffic – this is the stark warning issued from ICANN (The Internet Corporation for Assigned Names & Numbers) during an emergency meeting.
ICANN described an “ongoing and significant risk” to key aspects of the infrastructure that affects the domains on which websites reside. “They are going after the internet infrastructure itself,” warned David Conrad, ICANN’s chief technology officer. “There have been targeted attacks in the past, but nothing like this.”
The collective concern of security researchers has deepened in recent times, with the attacks themselves believed to have started back in 2017. And it was concerns over this building threat that prompted for the emergency meeting to take place.
According to ICANN specialists, among others in the field, the malicious activity targets the DNS (Domain Name System), an internet phone book of sorts, which routes traffic to intended online destinations. Specialists warned how these attacks could potentially do much harm; by snooping on data in transit, rerouting it elsewhere, or by taking a user to a spoof version of a trusted website.
“There isn’t a single tool to address this,” Conrad continued, urging for a comprehensive overhaul of web defenses to be implemented. US Authorities also expressed parallel concerns surrounding the DNS attacks in a statement last month.
“This is roughly equivalent to someone lying to the post office about your address, checking your mail, and then hand-delivering it to your mailbox,” the US Department of Homeland Security stated in a recent cyber security alert. “Lots of harmful things could be done to you – or the senders – depending on the content of that mail.”
The attacks, described by many in the field as ‘DNSpionage’, could date back to at least 2017, according to Ben Read, a senior manager of cyber espionage analysis at FireEye. Among the list of targets, included were ISPs (Internet Service Providers) and website registrars, particularly in the Middle East region.
Read continued, “We’ve seen primarily targeting of email, names and passwords. There is evidence that it is coming out of Iran and being done in support of Iran.” ICANN’s emergency meeting was held to amplify their message to online traffic handlers and websites to toughen security measures, lest they leave users at greater risk of being duped by online schemers.
DNSpionage hackers seemed focused on stealing user account credentials, including email passwords, in Lebanon and the United Arab Emirates, according to Adam Meyers, the cyber security vice president of intelligence at Crowdstrike. Attacks have also hit Europe, zeroing in on airlines, governments, intelligence services, the oil industry and police, cyber security specialists revealed.
“You definitely need knowledge of how the internet works and you have to handle a lot of traffic being directed at you,” Meyers cautioned. “With that access, they could temporarily break portions of how the internet works. They chose to intercept and spy on folks.”
Award winning antivirus protection from TotalAV. Stay 100% safe from malware and online threats.