Advertisement
Technology and the Internet

Internet authority ICANN says it was hacked

U.S. officials have announced plans to relinquish the federal government's control over managing the Internet to a "multistakeholder community" in March.
(Damian Dovarganes / Associated Press)
By Sarah ParviniStaff Writer 
Share

The Internet authority responsible the Web’s address system has been hacked, compromising employee emails and personal information.

The Internet Corp. for Assigned Names and Numbers, or ICANN, said Tuesday that it fell victim to a “spear phishing” attack in November. The hack involved emails crafted to look as though they came from the organization’s own domain.

Earlier this month, ICANN learned that the stolen employee credentials were used to access other systems aside from email, including the Centralized Zone Data System that grants access to private employee information. Hackers accessed employees’ names, addresses, email addresses, phone numbers and usernames. The digital thieves also found employee passwords, though that information was encrypted instead of saved as plain text, ICANN said.

Advertisement

“We are providing information about this incident publicly, not just because of our commitment to openness and transparency, but also because sharing of cybersecurity information helps all involved assess threats to their systems,” the California-based nonprofit said in a statement.

Unknown hackers broke into the group’s Governmental Advisory Committee wiki page, which stores public information and a members-only index page, ICANN said. Aside from one user’s profile page, no other private content was viewed.

Hackers accessed user accounts on two other systems as well, including the group’s blog and the ICANN WHOIS information portal, which allows users to search generic domain names. Neither system was harmed by the cyber attack, ICANN said.

Earlier this year, the organization launched a program of security enhancements to strengthen its systems’ information security.

“We believe these enhancements helped limit the unauthorized access obtained in the attack,” ICANN said.

U.S. officials have announced plans to relinquish the federal government’s control over managing the Internet to a “multistakeholder community” in March, following backlash over revelations about the National Security Agency’s surveillance program.

Advertisement

The cyber attack could fuel those wary of ICANN’s transition to an international authority, who argue the move would compromise the safety of the Internet. Some opponents doubt the organization’s ability to manage the Internet for the entire globe.

Interested in more on Internet security? Follow me on Twitter: @ParviniParlance

More to Read

Technology and the Internet
Sarah Parvini

Sarah Parvini was a reporter at the Los Angeles Times from 2014 to 2024. She most recently covered the video game industry and previously wrote about California’s diverse communities, with a focus on the state’s shifting demographics. She was part of the team that won the 2016 Pulitzer Prize for its coverage of the San Bernardino terrorist attack, as well as a member of the investigative unit that uncovered scandals at USC’s medical school. The child of immigrants, she speaks fluent Persian and conversational Spanish.

More From the Los Angeles Times

Advertisement