ICANN falls for spear phishing attack

E-mail credentials and a key DNS zone system were compromised. The severity of the damage is not yet clear.

The Internet Corporation for Assigned Names and Numbers (ICANN) announced yesterday that they have fallen victim to a phishing attack which resulted in the attackers gaining administrative access to some of ICANN's systems, including its Centralized Zone Data Service (CZDS).

free pdf

Special report: The future of Everything as a Service

SaaS has set off a revolution in the way companies consume services on-demand. We look at how it's spreading to other IT services and transforming IT jobs.

Read More

ICANN believes that the attack was committed in late November using emails sent to staff members that were designed to look like they came from within ICANN. As a result of the attack, the email credentials of several ICANN staff members were compromised. Those credentials were then used to compromise other ICANN systems, including the CZDS.

The CZDS is a service used by domain registries and other interested parties request access to DNS root zone files. The compromise of the system means that the zone files themselves were available but, more importantly, so were the account details of users on the system, including email addresses and passwords. The passwords were salted cryptographic hashes, so it's unlikely that the attackers will be able to use them, but ICANN is urging users to get new passwords just the same.

At the same time, the attackers would have access to the account holders' names, postal addresses, email addresses, fax and telephone numbers. This could be good fodder for further spear phishing attacks.

The investigation has found no evidence of compromise of any Internet Assigned Numbers Authority (IANA) systems. The IANA is part of ICANN and performs the actual management of globally-unique names and numbers.


You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
See All
See All