ICANN warns of “ongoing and significant” threat to DNS infrastructure

The internet’s address book keeper has warned of an “ongoing and significant risk” to key parts of the domain name system infrastructure, following months of increased attacks. The Internet Corporation for Assigned Names and Numbers, or ICANN, issued the notice late Friday, saying DNS, which converts numerical internet addresses to domain names, has been the victim of “multifaceted attacks utilizing different methodologies.” It follows similar warnings from security companies and the federal government in the wake of attacks believe to be orchestrated by nation state hackers. In January, security company FireEye revealed that hackers likely associated with Iran were hijacking DNS records on a massive scale, by rerouting users from a legitimate web address to a malicious server to steal passwords. This so-called “DNSpionage” campaign, dubbed by Cisco’s Talos intelligence team, was targeting governments in Lebanon and the United Arab Emirates. Homeland Security’s newly founded Cybersecurity Infrastructure Security Agency later warned that U.S. agencies were also under attack.