Domainmonster.com Industry News
ICANN Net Servers Targeted
Experts have claimed there are signs that hackers attacked key parts of the backbone of the Internet on Tuesday, but no damage seems to have been done, experts said.
It seems that the attack was focused on the Domain Name System, which maps text-based Domain Names, such as News.com, to the numeric IP addresses of servers connected to the Internet, and vice versa. Several key DNS servers saw traffic spike in the early morning on Tuesday, which according to several experts was a sign of an attack.
John Crain, the chief technical officer at the Internet Corporation for Assigned Names and Numbers, which operates one of the main so-called root DNS servers said the following "It is an unusual large amount of traffic that is hitting DNS serversÖWe see large attacks on a regular basis, but this hit quite a few servers, so it was fairly large,".
Luckily the DNS servers were able to withstand the onslaught. Crain added: "It was irritating. It ruined my nightís sleep. It was extraordinary in the fact that it happened to multiple systems at once, but this is not affecting Internet users," he said. DNS serves as the address book for the Internet. There are 13 official root DNS servers, which sit at the top of the DNS hierarchy. The root servers are only queried if other DNS servers, like those at an internet service provider, donít have the right IP address for a specific Web site.
If part of the DNS system goes down, Web sites could become unreachable and e-mail could become undeliverable. But the Domain Name System is built to be resilient, and attacks on the system are rare. A similar denial-of-service attack had also failed in 2002. "The main thing is that there was very little impact on the general public, the servers were able to hold up against the attacks," said Zully Ramzan, a researcher at Symantec Security Response. "The Internet in general was designed to even withstand a nuclear attack."
The barrage of data being apparently targeted at the DNS system started at around 2.30 a.m. Pacific Time on Tuesday. Multiple root servers saw a traffic spike, but the "G" server, run by the U.S. Department of Defense, and "L," run by ICANN, seem to have gotten the brunt of it, Ramzan said. ICANNís Crain confirmed that impression.
While ICANN and Symantec didnít see any effect on the Internet at large, Internet service provider Neustar did see slow downs on the Net. "We would call it a brownout instead of a blackout. It was significant, but it did not take anything down," a representative for the company said.
Ramzan and Crain were in agreement that the true cause of the traffic surge still needs to be determined.