When I talk to friends about web-based badware, one of the most frequent things I hear is a version of "Oh, I don't have to worry about that - I don't go to any sketchy sites." The security world has known for a while now that even legitimate, trusted websites can be hacked, but that knowledge still hasn't made its way out to much of the public. It often takes the hacking of a prominent site to shatter the illusion.
This week, the website of ICANN, the Internet Corporation for Assigned Names and Numbers, was hacked and defaced, along with the site for IANA, the Internet Assigned Numbers Authority. ICANN is the group in charge of internet governance at its most basic level, choosing which new top-level domains (like .com or .org) to create, and setting the protocols for how internet addresses work. Ironically, it was the domain name settings for the ICANN and IANA sites themselves that were hacked and redirected to a page with a derisive message.
The hackers fortunately are a group from Turkey apparently more interested in mischief and notoriety than in harming user's computers, but it would have been easy to redirect ICANN and IANA visitors to a malicious site if that had been the hackers' goal.
The lesson? As ZDNet's "Dancho Danchev put it":http://blogs.zdnet.com/security/?p=1356&tag=nl.e539:
bq. One thingâ€™s for sure though, if the ICANN and IANA can lose control of their domains, anyone can.