If the ludicrous aftermath of the Sony Pictures data breach isn’t enough to convince you that the Internet is held together by duct tape and string, here’s something else to chew on: ICANN, the officious body responsible for doling out domains like .com or .co.uk or (soon) .google, has just been hacked.
In a statement sent out to the press on Thursday, the Southern California-based nonprofit says that its internal systems were breached in late November by what is believed to have been a “spear phishing” attack.
“It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff,” the organization said in a statement. “The attack resulted in the compromise of the email credentials of several ICANN staff members.”
With these credentials in hand, the attackers were able to gain unauthorized access to files in its centralized zone data system, which is used to store information about registered top-level domain holders. It contains user information such as names, postal addresses, emails, phone numbers, usernames, and cryptographically encrypted passwords. As a precaution, ICANN deactivated all these passwords and is asking members to reset theirs.
Also breached was a members-only index page, the official ICANN blog, and the ICANN “who is” site, where anyone can look up the owner of any generic domain.
At this point it is unclear who was behind the attack. And it is worth mentioning that the organization itself is an enticing target for hackers, using what was likely a sophisticated phishing scheme that tricked some very smart, Internet-savvy people into entering their login information. Thankfully the collateral damage seems minimal.