ICANN (Photo : http://www.pircenter.org/)
Hackers managed to get sensitive credentials from ICANN (Internet Corporation for Assigned Names and Numbers), which is responsible for the management of Internet domain names.
The hackers used a spear phishing method to retrieve the credentials. ICANN members was reported to have received several email messages that appeared to have come from the organization's own domain. The email linked to a fake login site that stole their passwords, giving the hackers administrative access to the organization's Centralized Zone Data System (CZDS).
ICANN said that the passwords stolen were encrypted, which will give the hackers a harder time to crack them.
According to ICANN, the CZDS contains data files from Top Level Domains (TLDs) and that there were sensitive information in those files that are required to resolve domain names into IP (Internet Protocol) numbers. The CZDS contained the IP addresses, server and domain names for several name servers.
The hackers can also access, through the CZDS, more data and information entered by millions of users, including phone numbers, email addresses, location and names.
ICANN installed deeper security measures earlier this year; it believes that it limited the hackers attack significantly. ICANN said that the new security measures "helped limit" the data stolen from the cyber attack.
White Ops chief scientists Dan Kaminsky believes that the hackers are not going to be able to do much with the stolen data. Kaminsky said that there are "many layers of protection" besides just the passwords the ICANN members entered. He also said that there was nothing changed after the cyber attack.
ICANN said that they are sharing the breach to the public to help those who were affected to "assess threats" to their computer systems.
