US gov issues emergency directive after wave of domain hijacking attacks | Naked Security

Hmmm… Is the Government Shutdown affecting National Security? This directive may indicate that (see source link below to learn more about this).

What is domain hijacking?

Domain hijacking has been a persistent issue in the commercial world for years, a prime example of which would be the attack that disrupted parts of Craigslist in November 2014. In that incident, as in every successful every domain hijacking attack, the attackers took over the account used to manage the domains at the registrar, in this case, Network Solutions. The objective is to change the records so that instead of pointing to the IP address of the correct website it sends visitors to one controlled by the attackers. This change could have been made using impersonation to persuade the registrar to change the domain settings or by stealing the admin credentials used to manage these remotely. It’s a potent attack – web users think they’re visiting the correct website because they’ve typed the correct domain in their address bar and have no reason to doubt where they end up. For attackers, it’s the perfect crime that avoids the much harder job of having to take over the real website.

Source: US gov issues emergency directive after wave of domain hijacking attacks – Naked Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Powered by WordPress.com.

Up ↑

%d bloggers like this: