
Hackers run amok with multiple year-end cyber attacks

By Joseph George

Hackers have gone on a rampage, with reports of multiple high-profile intrusions resulting in suspension of service.

South Korea’s Korea Hydro & Nuclear Power Co. (KHNP) says it has been affected by a series of cyber attacks. Last week, a number of documents and operating manuals of South Korean nuclear reactors were leaked online.

Although South Korea has raised the flag and is blaming North Korea for the incident, the North has vehemently denied the allegations.

Meanwhile, on Friday another group claiming affiliation with Anonymous released a document containing approximately 13,000 username-and-password combinations along with credit card numbers and expiration dates.

The details were posted on the document-sharing site Ghostbin. The sites from which the data was stolen include Walmart, Amazon and Hulu Plus, along with Xbox Live, Sony PlayStation Network and Twitch.tv, apart from several other gaming sites.

In yet another serious attack, hackers managed to break into the website of Internet Systems Consortium, Inc., which operates 13 global authoritative DNS root servers and supports the infrastructure of the universal, self-organising Internet.

The website https://www.isc.org/ continues to be down and a message simply reads “We believe the web site may have become infected with malware. Please scan any machine that has accessed this site recently for malware.”

Anyone visiting the website was being redirected to the same domain, but with the Angler Exploit Kit.

The malware-infected kit executes code and runs additional malware to infect Windows machines.
However, the organisation said that its other network resources are unaffected. “This is a WordPress issue, ftp.isc.org, kb.isc.org and our other network resources are unaffected. We have not had any reports of any client machines that have been infected from our website,” the message adds.

Recently, a UAE telecom operator was hit by hackers, and those visiting the domain were redirected to a Chinese site.

According to Cherif Sleiman, General Manager, Middle East at Infoblox, the attack is a result of a DNS cache poisoning exploit that basically involves inserting a false address record for an Internet domain into the DNS query.

“If the DNS server accepts the record, subsequent requests for the address of the domain are answered with the address of a server controlled by the attacker. For as long as the false entry is cached, incoming web requests and emails will go to the attacker’s address,” he notes.

According to him, during the past 15 years alone, attack vectors have moved from the desktop to the network and to the application layer.
“In the past 18 months, DNS has become the latest target where DNS has become the second highest attack vector on the Internet slightly behind HTTP attacks. In fact DNS is projected to surpass HTTP to become the number one attack vector within the next 12 months. In the past year alone, DNS attacks have increased by more than 200 percent.”

He further adds that the only effective way to address these DNS threats is directly from within the DNS servers themselves. “DNS attacks cannot be handled by any of the traditional security technologies including firewalls, intrusion technologies, etc. Only purpose-built products that provide Advanced DNS Protection (ADP) can address such attacks.”