[ad_1]
The Internet Corporation for Assigned Names and Numbers (ICANN) has declared after an emergency meeting "a permanent and significant risk" for key elements of the infrastructure affecting the domains on which the websites reside.
"They are attacking the Internet infrastructure itself," David Conrad, head of technology at ICANN, told AFP.
"There have been targeted attacks in the past, but nothing like that."
The attacks could go back to 2017 but have caused more and more concern among security researchers in recent weeks, which motivated the ICANN special meeting.
The malicious activity targets the domain name system or the DNS that routes the traffic to the intended online destinations.
ICANN and other experts say these attacks can potentially spy on data, sneak it elsewhere, or allow attackers to impersonate critical websites.
"There is not a single tool to solve this problem," said Conrad, while ICANN called for a general hardening of Web defenses.
US authorities issued a similar warning last month about DNS attacks.
"It's about the same as a person who is lying at the post office about your address, checking your mail, and then delivering it directly to your mailbox," the US Department of Homeland Security said in an alert. to cybersecurity.
"A lot of bad things could be inflicted on you (or senders) depending on the content of this mail."
The so-called "DNSpionage" attacks could go back at least to 2017, according to the FireEye senior director, responsible for the badysis of cyber espionage, Ben Read.
The list of targets included registrars and ISPs, particularly in the Middle East.
"We have mostly seen a targeting of email names and pbadwords," said Read.
"There is evidence that this comes out of Iran and is made to support Iran."
Adam Meyers, vice president of intelligence at cybersecurity firm CrowdStrike, revealed that DNSpionage hackers appeared to want to steal account credentials, such as e-mail pbadwords, from Lebanon and the United Arab Emirates.
Similar attacks have occurred in Europe and other parts of the Middle East, targeting governments, intelligence services, police, airlines and the oil industry, experts said. cybersecurity.
"You absolutely have to know how the Internet works and handle a lot of the traffic that's going for you," Meyers said of DNSpionage hackers.
"With this access, they could temporarily interrupt some parts of the Internet. They chose to intercept and spy on people."
The attack itself is technically simple, but its reach and targeting of Internet service providers as well as large government entities have made it "a big problem," according to Meyers.
ICANN has launched a message to the website and online traffic managers to increase security or leave users susceptible to being trapped by trusting bad online sites.
The organization has advocated a broader implementation of DNSSEC technology, which adds digital signatures that act as virtual seals to expose when data transferred online has been tampered with.
DNSSEC can also prevent internet users from being mishandled from the intended websites, according to ICANN.
"It aims to ensure that Internet users reach the desired online destination by helping to prevent" man-in-the-middle "attacks that unconsciously direct a user to a potentially malicious site," said ICANN in its release. .
According to Conrad, one of the challenges in preserving Internet infrastructure is that website owners do not always understand the imperative of protecting themselves from clever hackers.
"We want to make sure people understand what it means to own a domain name and put it on the Internet," said Conrad.
"Because all your customers are as secure as you are."
Source link
