DNS Hijack and Redirect
Stealing passwords can be useful for an attacker in a variety of ways. The SEA attacks against the New York Times and a variety of other sites provided a stark case in point earlier this year. In that case, instead of stealing passwords from the New York Times directly, the attackers targeted the DNS registrar that the Times uses for its websites. In short, the attackers didn't really attack the New York Times directly at all - they simply broke into Melbourne IT (the DNS registrar for the New York Times) and changed the DNS record for nytimes.com to point to an IP address in Syria.
An attack such as this is obviously hard to control from an IT perspective simply because the attack never directly touches the intended target. That underscores the importance of choosing a registrar that asks thorough, pointed questions about how security is handled by the vendor. Many registrars will offer additional safeguards and locks that make it far more difficult and time-consuming to make any domain-level changes to an account, although not all registrars do this.
Ultimately, there are plenty of methods that can be used by hacktivists to compromise a site and its data. Hacktivism season seems once again in full swing, so it's crucial to know what you're up against and safeguard your data as much as possible.
Wade Williamson is Senior Security Analyst at Palo Alto Networks.