Hacked Through Phishing: An Ugly Security Awareness Lesson Learned

Join Cybrary

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATION
Already a Member Login Here

< Back to Blog Posts

Hacked Through Phishing: An Ugly Security Awareness Lesson Learned

Published: September 18, 2015 | By: ryan | Views: 2390
save

Hacked Through Phishing: An Ugly Security Awareness Lesson Learned - Cybrary

Given we’re a cyber security education company, we like to preach (maybe too much at times) about how darn important security awareness training for employees really is. So, we thought we’d share the hideously ugly lesson that internet authority company, ICANN, learned about security awareness not too long ago.

 

Reliving the ICANN Phishing Hack:

Phishing is the act of using electronic communication to pretend to be a trustworthy individual in order to obtain secure information. There are many types of phishing, including communications that appear to come from individuals within a recipient’s contact list or organization, otherwise known as spear phishing. Recently ICANN, the Internet Corporation for Assigned Names and Numbers, was the victim of just such an attack.

In November 2014, ICANN employees received an email claiming to be from a staff member within ICANN requesting their login info. Taking the email at face value, an unidentified number of employees clicked on a link included within that led them to a fake login page. When they entered their email and passwords, this information was obtained by the attackers.

Officials believe it may also have allowed malware to be installed on employee computers. ICANN employees unwittingly the attackers gave access to their organizational accounts and the privileges associated with them.

Using email credentials elicited from the spear phishing attempt, hackers accessed the ICANN Centralized Zone Data System, or CZDS, which is a service that domain registries and others use to request DNS root zone file access located at czds.icann.org. Not only were zone files accessible to the attackers, but the names, postal and email addresses, fax and telephone numbers, email addresses, and passwords of system users were at risk as well.

Although passwords were encrypted as salted hash values, ICANN deactivated them as a precaution and allowed users to request new ones. The organization also sent notices to all members potentially affected by the attack urging them to review and change their login information for other online accounts that may have used the same username and password.

In addition to the CZDS, the attackers also gained access to the ICANN GAC (Governmental Advisory Committee) Wiki, located at gacweb.icann.org, where they were able to view a members-only index page, one user’s profile page and other public information. The attackers were also able to access user accounts on two other platforms, the information portal ICANN WHOIS at whois.icann.org, and the ICANN Blog at blog.icann.org.

ICANN discovered the existence of the hack a week after it took place. In a statement released to the public, ICANN stated that they had initiated security enhancements designed to increase the information security of all ICANN programs. The organization also claimed to have instituted additional security measures directly after the attack.

Lesson Learned:
If your organization does not have security awareness training for all employees, it could be a big mistake!

Save

< Back to Blog Posts
Enjoy this blog post? Want more Cybytes?
Invite a Friend
and share now
Facebook Twitter Google+ LinkedIn Email
Join Cybrary
6 Comments
  1. this information is very importent for all the readers,
    i suggest all to must read it…….

Page 2 of 2«12
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel