Skip to main content

ICANN受到鱼叉式网络钓鱼攻击 | 现已推行强化安全措施

ICANN正在调查近期发生的一次系统入侵事件。我们认为这次"鱼叉式网络钓鱼"攻击始于2014年11月底。这次攻击采用模拟本机构内部域名的方式向员工发送电子邮件。本次攻击导致了ICANN多位员工的电邮身份信息受到影响。

2014年12月初,我们又发现,这些受到影响的电邮身份信息又被用于访问除电邮系统以外的其他ICANN系统,这包括:

  • 集中化域资料服务(CZDS)(czds.icann.org
    攻击人攫取了管理人访问权限,可查看CZDS中的全部文件。这包括:本系统中的域文件副本、用户输入信息如:姓名、邮政地址、电子邮件地址、传真号码、电话号码、用户名和密码。尽管所有的密码均采用加盐哈希加密的方式进行储存,我们仍旧采取了防患措施,停止使用了全部CZDS密码。用户可以到czds.icann.org页面中申请输入新密码。我们建议CZDS用户采取适当措施,以保护他们使用同一用户名/或密码的其他网络账户。ICANN正在通知CZDS用户,告知其个人信息可能受到了影响。

  • ICANN政府咨询委员会(GAC)维基页面(gacweb.icann.org
    攻击人查看了公共信息、GAC成员专属索引页面和一名用户的简介页面。其他非公共内容并未遭到访问。

本次非授权访问攻击人还攫取了另外两个系统的用户账户,即ICANN博客(blog.icann.org)和ICANN WHOIS(whois.icann.org)的信息端口。但这两大系统并未受到负面影响。

根据截止目前的调查结果,我们暂未发现其他系统受到影响,我们还确定本次攻击并未影响到任何与IANA相关的系统。

今年早些时候,ICANN启动了安全措施强化项目,从而提高ICANN全部系统的信息安全。我们认为,这些强化措施限制了本次非授权攻击的访问范围。自发现攻击事件后,我们现已推行了额外的安全保护措施。

我们现公开发布本事件的详情,以兑现我们做出的开放性和透明性承诺,并与所有受到影响的系统分享网络安全信息,帮助它们评估各自系统所受到的威胁。

如需有关本次攻击事件的额外信息,请查看ICANN网页。


More Announcements
Domain Name System
Internationalized Domain Name ,IDN,"IDNs are domain names that include characters used in the local representation of languages that are not written with the twenty-six letters of the basic Latin alphabet ""a-z"". An IDN can contain Latin letters with diacritical marks, as required by many European languages, or may consist of characters from non-Latin scripts such as Arabic or Chinese. Many languages also use other types of digits than the European ""0-9"". The basic Latin alphabet together with the European-Arabic digits are, for the purpose of domain names, termed ""ASCII characters"" (ASCII = American Standard Code for Information Interchange). These are also included in the broader range of ""Unicode characters"" that provides the basis for IDNs. The ""hostname rule"" requires that all domain names of the type under consideration here are stored in the DNS using only the ASCII characters listed above, with the one further addition of the hyphen ""-"". The Unicode form of an IDN therefore requires special encoding before it is entered into the DNS. The following terminology is used when distinguishing between these forms: A domain name consists of a series of ""labels"" (separated by ""dots""). The ASCII form of an IDN label is termed an ""A-label"". All operations defined in the DNS protocol use A-labels exclusively. The Unicode form, which a user expects to be displayed, is termed a ""U-label"". The difference may be illustrated with the Hindi word for ""test"" — परीका — appearing here as a U-label would (in the Devanagari script). A special form of ""ASCII compatible encoding"" (abbreviated ACE) is applied to this to produce the corresponding A-label: xn--11b5bs1di. A domain name that only includes ASCII letters, digits, and hyphens is termed an ""LDH label"". Although the definitions of A-labels and LDH-labels overlap, a name consisting exclusively of LDH labels, such as""icann.org"" is not an IDN."