ICANN: Phishing attack compromised systems
The Internet Corporation for Assigned Names and Numbers — the nonprofit organization responsible for assigning and monitoring the Internet’s IP addresses and domain names — said it is investigating a breach of its internal systems that may have compromised several staff members’ credentials.
The U.S.-based organization said a “spear phishing” attack — a malicious email spoof targeted at one person or a small group of individuals — that appeared to come from an ICANN domain led to hackers gaining access to several ICANN systems.
The culprits accessed ICANN’s Centralized Zone Data Service, a repository that stores, among other things, data related to information needed to pair domain names with IP addresses. ICANN said hackers accessed copies of that data, as well as names, postal addresses, email addresses, fax and telephone numbers, usernames, and passwords. While the passwords were stored as salted cryptographic hashes, ICANN said it has taken steps to deactivate the entire library.
ICANN also said a members-only wiki page, the organization’s WHOIS listing and blog were also compromised.
The organization said the attack was initiated some time in late November and does not impact any of ICANN’s other systems, including ones related to the Internet Assigned Numbers Authority.
The attack comes as the U.S. is in the midst of handing over its oversight of ICANN to an international consortium in 2015. The National Telecommunications and Information Association, which oversees ICANN, assured people in July that the handover would not disrupt the Internet as the public has come to know it.
“Contrary to some initial concerns that we were giving away the Internet, the response from the global Internet community has been overwhelmingly supportive,” NTIA assistant secretary of commerce for communications and information Lawrence Strickling said at an event in July. “The discussions to date demonstrate that the community is taking this transition very seriously and is determined to develop a transition plan that will ensure that the Internet [domain name system] continues to support a growing and innovative Internet.”
