ICANN warns of large-scale attacks on Internet infrastructure

Pierluigi Paganini February 25, 2019

Large-scale attacks are threatening the global Internet infrastructure, the alarm was launched by the Internet Corporation for Assigned Names and Numbers (ICANN).

After an emergency meeting, the Internet Corporation for Assigned Names and Numbers (ICANN) confirmed that the global Internet infrastructure is facing large-scale attacks.

ICANN warns of “an ongoing and significant risk” to key components of the Internet infrastructure.

“The Internet Corporation for Assigned Names and Numbers (ICANN) believes that there is an ongoing and significant risk to key parts of the Domain Name System (DNS) infrastructure. ” reads the ICANN’s announcement.

“They are going after the internet infrastructure itself,” ICANN chief technology officer David Conrad told AFP.

“There have been targeted attacks in the past, but nothing like this.”

Even if the attacks date back to 2017, in recent weeks the experts observed a spike in the malicious activities against the Internet infrastructure, threat actors are targeting the Domain Name System or DNS which are responsible for traffic rounting.

According to the ICANN, threat actors aim at snooping and hijacking traffic, for this reason, it is necessary the hardening of the Internet infrastructure.

“There isn’t a single tool to address this,” Conrad said.

Internet Infrastructure

At the end of January, the DHS issued a notice of a CISA emergency directive urging federal agencies of improving the security of government-managed domains (i.e. .gov) to prevent DNS hijacking attacks.

The notice was issued by the DHS and links the emergency directive 
Emergency Directive 19-01 titled “Mitigate DNS Infrastructure Tampering.”

Earlier January, security experts at FireEye uncovered a DNS hijacking campaign that is targeting government agencies, ISPs and other telecommunications providers, Internet infrastructure entities, and sensitive commercial organizations in the Middle East, North Africa, North America and Europe. According to the experts, the campaign is carried out, with “moderate confidence,” by APT groups linked to the Iranian Government.

These malicious activities could allow attackers to carry out cyber espionage campaign or temporarily break portions of the Internet.

ICANN urged implementation of DNSSEC technology to prevent traffic hijacking. DNSSEC can also prevent internet users from being misdirected from intended websites, according to ICANN.

“In the context of increasing reports of malicious activity targeting the DNS infrastructure, ICANN is calling for full deployment of the Domain Name System Security Extensions (DNSSEC) across all unsecured domain names.” concludes the ICANN. “The organization also reaffirms its commitment to engage in collaborative efforts to ensure the security, stability and resiliency of the Internet’s global identifier systems.”

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – ICANN, DNS hijacking)

[adrotate banner=”5″]

[adrotate banner=”13″]

you might also like

leave a comment