[ad_1]
SAN FRANCISCO: The key parts of the Internet infrastructure are facing large-scale attacks that threaten the global system of web traffic, said Friday the guardian of the Internet address.
The Internet Corporation for Assigned Names and Numbers (ICANN) has declared after an emergency meeting "a permanent and significant risk" for key elements of the infrastructure affecting the domains on which the websites reside.
"They are attacking the Internet infrastructure itself," David Conrad, head of technology at ICANN, told AFP.
"There have been targeted attacks in the past, but nothing like that."
The attacks date as far back as 2017, but raise more and more concerns among security researchers in recent weeks, which motivated the ICANN special meeting.
The malicious activity targets the domain name system or the DNS that routes the traffic to the intended online destinations.
ICANN and others experts say that these attacks can potentially spy on data en route, smugly send traffic elsewhere or allow attackers to impersonate critical websites.
"There is not a single tool to solve this problem," said Conrad, while ICANN called for a general tightening of Web defenses.
US authorities issued a similar warning last month about DNS attacks.
"It's about the same as a person who is lying at the post office about your address, checking your mail, and then delivering it directly to your mailbox," said the US Department of Homeland Security in an alert to cybersecurity.
"Many harmful things could be done for you (or the senders) depending on the content of this mail."
DNSpionage attacks could go back at least to 2017, according to Ben Read, Senior Director of FireEye for the badysis of cyber espionage.
The list of targets included registrars and ISPs, particularly in the Middle East.
"We mainly found that email names and pbadwords were targeted," Read said of what is known as "DNSpionage."
"It is proven that this is coming out of Iran and that it is doing it to support Iran."
ICANN has organized an emergency meeting and has sent a message to the website and to the online traffic managers to increase security or leave users susceptible to being trapped by trusting the wrong sites. online.
The DNSpionage hackers appeared to be intent on stealing account credentials, such as email pbadwords, from Lebanon and the United Arab Emirates, according to Adam Meyers, vice president of the cybersecurity firm Crowdstrike.
Similar attacks have occurred in Europe and other parts of the Middle East, targeting governments, intelligence services, police, airlines and the oil industry, experts said. cybersecurity.
"You absolutely need to know how the Internet works and manage a lot of traffic for you," Meyers said of DNSpionage hackers.
"With this access, they could temporarily interrupt some parts of the Internet operation. They chose to intercept and spy on people. "
Source link
