{"id":46252,"date":"2019-03-18T13:26:08","date_gmt":"2019-03-18T02:26:08","guid":{"rendered":"https:\/\/www.aspistrategist.ru\/?p=46252"},"modified":"2019-03-21T09:13:02","modified_gmt":"2019-03-20T22:13:02","slug":"internet-hijacking-its-nothing-personal","status":"publish","type":"post","link":"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/","title":{"rendered":"Internet hijacking: it\u2019s nothing personal"},"content":{"rendered":"<figure><img loading=\"lazy\" decoding=\"async\" width=\"640\" height=\"360\" class=\"alignnone size-full wp-image-46254\" src=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2019\/03\/640px-Backlit_keyboard.jpg\" srcset=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2019\/03\/640px-Backlit_keyboard.jpg 640w, https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2019\/03\/640px-Backlit_keyboard-205x115.jpg 205w\" sizes=\"(max-width: 640px) 100vw, 640px\" \/><\/figure>\n<p>When you type a website address into your browser, you expect that it will take you to the site you\u2019re trying to visit. Increasingly, however, criminals and even state-backed hackers are using a technique known as DNS hijacking to trick browsers onto false websites.<\/p>\n<p>Every website has both a name and a number. When we type a website address (domain name) into our browsers, our computers use that domain name to look up the corresponding number (internet protocol, or IP, address) in a series of virtual phonebooks called the domain name system (DNS). When you enter the domain name for your bank into the browser, the DNS points your browser to the unique number assigned to that name. That takes you to your bank\u2019s website, where you can safely log in.<\/p>\n<p>The problem is, hackers have figured out how to (at least temporarily) rewrite the DNS phonebook, or use a different phonebook altogether, fooling browsers into visiting the wrong number. And that means the attackers can send you anywhere they like\u2014including to a website which looks just like your bank\u2019s website, so that they can get your credentials (user name, password and other personal data) when you log in.<\/p>\n<p>The DNS is being maliciously manipulated to fool, cheat or steal from us. It can be an enabler for surveillance, and it can be turned into a weapon against us.<\/p>\n<p>In January 2019, <a href=\"https:\/\/www.fireeye.com\/blog\/threat-research\/2019\/01\/global-dns-hijacking-campaign-dns-record-manipulation-at-scale.html\" target=\"_blank\" rel=\"noopener noreferrer\">reports<\/a> were published by technology security companies, such as FireEye and CrowdStrike, detailing widespread malicious manipulation of the DNS to enable criminal activities. Cisco\u2019s Talos research organisation <a href=\"https:\/\/blog.talosintelligence.com\/2018\/11\/dnspionage-campaign-targets-middle-east.html\" target=\"_blank\" rel=\"noopener noreferrer\">has identified<\/a> manipulation of the DNS in a widespread cyber espionage campaign, known as DNSpionage. According to Brian Krebs at Kerbsonsecurity.com, in the last few months of 2018 over 50 Middle Eastern companies and government agencies <a href=\"https:\/\/krebsonsecurity.com\/2019\/02\/a-deep-dive-on-the-recent-widespread-dns-hijacking-attacks\/\" target=\"_blank\" rel=\"noopener noreferrer\">were compromised<\/a> during the DNSpionage attacks, including some associated with the Egyptian Ministry of Defense and the National Security Advisory of Iraq.<\/p>\n<p>In an emergency directive posted on 22 January, the US Department of Homeland Security <a href=\"https:\/\/cyber.dhs.gov\/ed\/19-01\/\" target=\"_blank\" rel=\"noopener noreferrer\">told federal agencies<\/a> to \u2018mitigate DNS infrastructure tampering\u2019 within 10 days to \u2018address the significant and imminent risks to agency information and information systems\u2019.<\/p>\n<p>A month later, on 22 February, in light of what it described as \u2018a pattern of multifaceted attacks,\u2019 one of the key global governing bodies for the internet, ICANN (the\u00a0Internet Corporation for Assigned Names and Numbers), <a href=\"https:\/\/www.icann.org\/news\/announcement-2019-02-22-en\" target=\"_blank\" rel=\"noopener noreferrer\">called for<\/a> immediate action to secure the DNS on a global scale: \u2018The organization believes that all members of the domain name system ecosystem must work together to produce better tools and policies to secure the DNS and other critical operations of the Internet.\u2019 ICANN is asking network infrastructure administrators to deploy DNS security standards with urgency. The standard that ICANN calls for is a technology that protects against unauthorised changes to the DNS, referred to as DNSSEC. Although DNSSEC won\u2019t mitigate all threats, it will raise the overall level of defence.<\/p>\n<p>Worldwide adoption of DNSSEC has, in the words of <a href=\"https:\/\/techcrunch.com\/2019\/02\/23\/icann-ongoing-attacks-dns\/\" target=\"_blank\" rel=\"noopener noreferrer\">Techcrunch<\/a>, been \u2018glacial\u2019: statistics from various sources indicate that less than 20% of the world\u2019s major networks or websites have this standard enabled. However, DNSSEC is a standard that works best when it\u2019s deployed at scale.<\/p>\n<p>The trouble with deploying DNSSEC is not so much technical complexity or cost implications\u2014rather, it\u2019s that most of us are not aware of or concerned enough about the situation to demand its protection.<\/p>\n<p>Even those who are concerned about this online criminal activity aren\u2019t marching in the streets to insist it be stopped\u2014but perhaps they should be.<\/p>\n<p>Countries that seem to be leading the way with DNS security have deployed a government strategy of \u2018lead by example\u2019, circumventing the need to drum up public concern. <a href=\"https:\/\/www.msb.se\/RibData\/Filer\/pdf\/26419.pdf\" target=\"_blank\" rel=\"noopener noreferrer\">In its 2012 information security action plan<\/a>, Sweden stated that it aimed to introduce DNSSEC into the majority of public organisations by the end of 2014. Sweden now reports one of the highest levels of DNSSEC deployment overall. Earlier this month, the Australian Signals Directorate issued <a href=\"https:\/\/www.tenders.gov.au\/index.cfm?event=public.atm.show&amp;ATMUUID=C1B38324-A2FC-CB1A-E3CC8465C4595C44\" target=\"_blank\" rel=\"noopener noreferrer\">a tender<\/a> for \u2018Protective DNS for the Australian Cyber Security Centre\u2019. While this indicates an awareness of the urgency of protecting the DNS, there remains no government-sponsored drive to increase DNSSEC adoption in Australia.<\/p>\n<p>It\u2019s time for government agencies to take the lead to advocate, support and encourage adoption of secure internet standards in Australia. The DNS needs to be secured before our trusted online destinations become the victims of hijack\u2014or, worse still, fall foul of a weaponised attack on the heart of the internet infrastructure.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>When you type a website address into your browser, you expect that it will take you to the site you\u2019re trying to visit. Increasingly, however, criminals and even state-backed hackers are using a technique known &#8230;<\/p>\n","protected":false},"author":929,"featured_media":46254,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_mi_skip_tracking":false,"footnotes":""},"categories":[1],"tags":[17,713,2138,731],"class_list":["post-46252","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-australia","tag-cyberattack","tag-cybersecurity","tag-internet-governance"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v19.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Internet hijacking: it\u2019s nothing personal | The Strategist<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Internet hijacking: it\u2019s nothing personal | The Strategist\" \/>\n<meta property=\"og:description\" content=\"When you type a website address into your browser, you expect that it will take you to the site you\u2019re trying to visit. Increasingly, however, criminals and even state-backed hackers are using a technique known ...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/\" \/>\n<meta property=\"og:site_name\" content=\"The Strategist\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/ASPI.org\" \/>\n<meta property=\"article:published_time\" content=\"2019-03-18T02:26:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-03-20T22:13:02+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2019\/03\/640px-Backlit_keyboard.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"640\" \/>\n\t<meta property=\"og:image:height\" content=\"360\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Alison Howe\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:site\" content=\"@ASPI_org\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Alison Howe\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\",\"url\":\"https:\/\/www.aspistrategist.ru\/\",\"name\":\"The Strategist\",\"description\":\"ASPI&#039;s analysis and commentary site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.aspistrategist.ru\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-AU\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/#primaryimage\",\"url\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2019\/03\/640px-Backlit_keyboard.jpg\",\"contentUrl\":\"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2019\/03\/640px-Backlit_keyboard.jpg\",\"width\":640,\"height\":360},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/\",\"url\":\"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/\",\"name\":\"Internet hijacking: it\u2019s nothing personal | The Strategist\",\"isPartOf\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/#primaryimage\"},\"datePublished\":\"2019-03-18T02:26:08+00:00\",\"dateModified\":\"2019-03-20T22:13:02+00:00\",\"author\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b3a95e8f18dee786a7af0c62a2c3c717\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/#breadcrumb\"},\"inLanguage\":\"en-AU\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.aspistrategist.ru\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Internet hijacking: it\u2019s nothing personal\"}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b3a95e8f18dee786a7af0c62a2c3c717\",\"name\":\"Alison Howe\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-AU\",\"@id\":\"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/cc795f1fdc18d45bbf1da8e9db633c94?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/cc795f1fdc18d45bbf1da8e9db633c94?s=96&d=mm&r=g\",\"caption\":\"Alison Howe\"},\"url\":\"https:\/\/www.aspistrategist.ru\/author\/alison-howe\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Internet hijacking: it\u2019s nothing personal | The Strategist","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/","og_locale":"en_US","og_type":"article","og_title":"Internet hijacking: it\u2019s nothing personal | The Strategist","og_description":"When you type a website address into your browser, you expect that it will take you to the site you\u2019re trying to visit. Increasingly, however, criminals and even state-backed hackers are using a technique known ...","og_url":"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/","og_site_name":"The Strategist","article_publisher":"https:\/\/www.facebook.com\/ASPI.org","article_published_time":"2019-03-18T02:26:08+00:00","article_modified_time":"2019-03-20T22:13:02+00:00","og_image":[{"width":640,"height":360,"url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2019\/03\/640px-Backlit_keyboard.jpg","type":"image\/jpeg"}],"author":"Alison Howe","twitter_card":"summary_large_image","twitter_creator":"@ASPI_org","twitter_site":"@ASPI_org","twitter_misc":{"Written by":"Alison Howe","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"https:\/\/www.aspistrategist.ru\/#website","url":"https:\/\/www.aspistrategist.ru\/","name":"The Strategist","description":"ASPI&#039;s analysis and commentary site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.aspistrategist.ru\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-AU"},{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/#primaryimage","url":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2019\/03\/640px-Backlit_keyboard.jpg","contentUrl":"https:\/\/www.aspistrategist.ru\/wp-content\/uploads\/2019\/03\/640px-Backlit_keyboard.jpg","width":640,"height":360},{"@type":"WebPage","@id":"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/","url":"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/","name":"Internet hijacking: it\u2019s nothing personal | The Strategist","isPartOf":{"@id":"https:\/\/www.aspistrategist.ru\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/#primaryimage"},"datePublished":"2019-03-18T02:26:08+00:00","dateModified":"2019-03-20T22:13:02+00:00","author":{"@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b3a95e8f18dee786a7af0c62a2c3c717"},"breadcrumb":{"@id":"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/#breadcrumb"},"inLanguage":"en-AU","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.aspistrategist.ru\/internet-hijacking-its-nothing-personal\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.aspistrategist.ru\/"},{"@type":"ListItem","position":2,"name":"Internet hijacking: it\u2019s nothing personal"}]},{"@type":"Person","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/b3a95e8f18dee786a7af0c62a2c3c717","name":"Alison Howe","image":{"@type":"ImageObject","inLanguage":"en-AU","@id":"https:\/\/www.aspistrategist.ru\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/cc795f1fdc18d45bbf1da8e9db633c94?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/cc795f1fdc18d45bbf1da8e9db633c94?s=96&d=mm&r=g","caption":"Alison Howe"},"url":"https:\/\/www.aspistrategist.ru\/author\/alison-howe\/"}]}},"_links":{"self":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/46252"}],"collection":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/users\/929"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/comments?post=46252"}],"version-history":[{"count":7,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/46252\/revisions"}],"predecessor-version":[{"id":46351,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/posts\/46252\/revisions\/46351"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media\/46254"}],"wp:attachment":[{"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/media?parent=46252"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/categories?post=46252"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aspistrategist.ru\/wp-json\/wp\/v2\/tags?post=46252"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}