Details Emerge Of Latest Twitter Attack

The incident underscores the importance for businesses of keeping an eye on DNS security.

New details about the attack that disrupted Twitter on 17 Dec. have begun to emerge.

According to Twitter, the DNS (Domain Name System) settings for Twitter.com were hijacked, resulting in roughly 80 percent of the traffic from the site being redirected elsewhere from 9:46 p.m. to 11 p.m. PST.

Apparently, the attackers got their hands on a valid set of Twitter credentials and used them to compromise the DNS records. A spokesperson for Dyn, the DNS company that services Twitter, said an authenticated user logged into the Dynect platform and redirected the site. None of Dyn’s other customers were affected, the spokesperson said.

“During the attack, we were in direct contact with our DNS provider, Dynect (Dyn),” blogged Twitter co-founder Biz Stone. “We worked closely to reset our DNS as quickly as possible. The motive for this attack appears to have been focused on defacing our site, not aimed at users—we don’t believe any accounts were compromised.”

Twitter users were redirected to a page that read: “Iranian Cyber Army … This Website Has Been Hacked by Iranian Cyber Army.”

The attack put a spotlight on DNS security. According to Rick Howard, director of security intelligence at VeriSign iDefense, DNS is often overlooked from a security perspective in favor of application and operating system vulnerabilities, though in his opinion enterprises are less likely to allow recursive DNS queries than a few years ago due to increased awareness of the problems that can arise.

“Few [enterprises] have in-house DNS experts or dedicated staff, yet nearly all their Internet communication heavily relies on the DNS system,” Howard said.

“Basic DNS monitoring is sorely lacking,” he continued. “While enterprises may monitor DNS availability, and are increasingly aware of DDoS [distributed denial of service] attacks targeting domain name servers, simple monitoring for DNS integrity is often overlooked. Enterprises should also pay attention to the rollout of DNSSEC, which mitigates some attacks, but is not yet widely available.”

Enterprise DNS services will come under more pressure as targeted attacks against businesses and governments increase, said Ray Dickenson, CTO of Authentium.

“Motivations for criminals and other malicious operators to attack companies include stealing intellectual property and cyber-extortion that involves threats to reveal sensitive information or otherwise embarrass a company or brand unless money is paid,” Dickenson said.

When it comes to popular Web 2.0 sites like Twitter, it can be expected that attackers will increasingly paint a bull’s-eye on them as a means of spreading political messages, noted Dave Marcus, director of Security Research and Communications at McAfee.

“The larger trend behind this attack is hacktivism—activist groups want millions of people across the world to see their message, and this time they did it by architecting a redirect on Twitter, causing the Website to suffer downtime,” Marcus said.

Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Share
Published by
Brian Prince eWEEK USA 2014. Ziff Davis Enterprise Inc. All Rights Reserved

Recent Posts

Northvolt Mulls US Bankruptcy Protection – Report

Troubled battery maker Northvolt reportedly considers Chapter 11 bankruptcy protection in the United States as…

16 hours ago

FTC Plans Investigation Into Microsoft Cloud Business – Report

Microsoft's cloud business practices are reportedly facing a potential anti-competitive investigation by the FTC

18 hours ago

Programmer Sentenced To Five Years In Prison For Bitcoin Laundering

Ilya Lichtenstein sentenced to five years in prison for hacking into a virtual currency exchange…

19 hours ago

Hate Speech Watchdog CCDH To Quit Musk’s X

Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…

2 days ago

Meta Fined €798m Over Alleged Facebook Marketplace Violations

Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…

2 days ago

Elon Musk Rebuked By Italian President Over Migration Tweets

Elon Musk continues to provoke the ire of various leaders around the world with his…

2 days ago