Using basic spear phishing attacks, hackers managed to trick ICANN employees into giving up private credentials upon receiving emails that appeared to come from the organization itself. As a result, several internal systems have been breached.
ICANN reports that not only were internal emails accessed, but also a number of other things including an employee only wiki-page with public data, as well as the database to see who has registered a certain domain. Hackers also accessed the Centralized Zone Data System (CZDS), which allows them access to user names, addresses, emails and other contact/personal data. While certainly the most troubling off them all, the passwords stolen in the CZDS breach were encrypted and not just sitting around as plain text entries.
The organization implemented deeper security measures earlier this year, and while they didn’t stop the attack outright, they did limit it severely. "We believe these enhancements helped limit the unauthorized access obtained in the attack," ICANN said. One can imagine that organizations like these would be prime targets for attacks of this nature. The group is attempting to better prepare for breaches in the future with additional security being implemented since the attack took place.
Image via Shutterstock