|
By Cara Garretson
Social networking site Twitter suffered an interruption of service Dec. 17 due to a hack attack on the company’s Domain Name System (DNS) servers.
For a little over an hour on Thursday night, approximately 80 percent of visitors to Twitter’s Web site were redirected to other sites, according to a post on the company’s blog. The company says the settings for its DNS servers were compromised, and Twitter worked with Dynect, its DNS provider, to resolve the problem. DNS is an Internet protocol that translates IP addresses (numbers) into domain names (words and letters).
Twitter says the motive for the attack appears to have been to deface the Twitter site, and was not aimed at its users. The company says it doesn’t believe any user accounts were compromised.
According to the SANS Institute’s Internet Storm Center, Twitter’s DNS settings were changed to point to a site called www.mowjcamp.org. A commenter on the SANS Web site said that during the hijacking Twitter users were redirected to this site, which said the Iranian Cyber Army was responsible.
A blog called Hype Free posted a translation of the Persian writing found on the redirected site: “This site has been hacked by the Iranian Cyber Army. The USA thinks they control and manage internet access, but they don't. We control and manage the internet with our power, so do not try to incite the Iranian people.”
Rik Ferguson, a blogger on security vendor Trend Micro’s CounterMeasure site, confirms that Twitter’s servers themselves were not attacked, but DNS provider Dynect’s were. “If attacks like this can be said to serve any purpose at all, then perhaps they can serve as a reminder that we all need to absolutely ensure that our business partners meet our own high security standards, and that stands in both the on and offline worlds,“ wrote Ferguson.
On Saturday, Danny McPherson, vice president and chief security officer of Arbor Networks, wrote in a blog that the Twitter outage was probably caused by a relatively simple act, such as compromising the administrator password at Twitter’s DNS service provider. McPherson reminded companies that they should proactively protect their domain names, as they represent an asset upon which organizations’ entire online existences are based.
“ I suspect most organizations spend far more in a single day (at a single location) on coffee filters or toilet paper than they do annually on DNS provisioning function security, yet they throw millions at tape backups, site security, and all those sexier components, when what most matters [first] to keep their Internet presence functioning -- the availability and integrity of that DNS provisioning data, is sorely neglected,” said McPherson.
Only registered users can write comments.
Please login or register. |
