US govt orders security measures for DNS hijack emergency | Marten IT Blog

Iran blamed for "almost unprecedented scale" attacks compromising web and email traffic.
The United States Department of Homeland Security has issued an emergency directive in response to a serious, global campaign of domain name system (DNS) infrastructure tampering, believed to originate in Iran.
Earlier in January, security vendors Cisco Talos and Mandiant FireEye outlined a spate of DNS hijacks against multiple government, telco and internet infrastructure organisations in Europe, North America and the Middle East/Africa.

Attackers have successfully redirected web and email traffic by altering DNS records, making them point to servers on addresses that they control.

They've been able to do so by capturing credentials for administrative accounts that can make changes to DNS records. FireEye and Talos said they have received reports that sophisticated phishing attacks were used to gain access for DNS record manipulation, as well as the compromise of a victim's domain registrar account.
