|
Dubai: Last May a flaw in the internet was discovered that could allow hackers to control which websites you visit.
The error, called a cache-poisoning flaw, wasn't with any specific company. Instead, it was found in internet's Domain Name System or DNS.
According to Dimitrios Petropoulos, managing director of ENCODE Middle East, an IT security firm located in Dubai, DNS is an integral part of how the internet works.
All web sites have a number, called an IP address, which work as a telephone directory for the internet. A DNS server converts the name of a website, such as www.google.com, into the necessary IP address.
While it appears that no hackers tried to use the flaw, catching such an attack would have been difficult.
"It's a very effective attack method because it's invisible to the end user," said Rik Ferguson, the chief technical architect for TrendMicro, an internet security firm.
Several major companies, including Cisco, Microsoft and Sun Microsystems, worked on developing a patch for the flaw. The patch, which was released on Wednesday, isn't meant for individual home users. It is designed to be used on DNS servers or by any company that has DNS software.
According to Neil Batstone, a Verisign manager in the region, the threat is a major one, due to the nature of the internet. Verisign is the company that operates the .com and .net domain extensions.
"It doesn't effect anyone here anymore than anywhere else in the world," he said. "It's a threat globally."
Etisalat in a statement said that it "has been studying the impact of this vulnerability and no known exploits have been discovered to-date. All necessary measures and patching has been carried out in partnership with the different vendors. Therefore, we do not anticipate any implications on Etisalat's internet services."
While there is no evidence that any hackers have used the flaw, Petropoulos said the potential is there for three types of serious attacks.
The first, called a Denial of Service (DoS) attack, would have allowed hackers to prevent anyone from accessing a website, simply by directly all traffic away from it. This type of attack could have a severe financial impact on such companies as Amazon.com, which sees the majority of its revenue from online sales. DoS attacks have also been carried out against governments and countries.
In April 2007, an attack was carried out against the country of Estonia, effectively shutting down the small country's internet access. The attack was the result of Russian hackers using a bot-net, not the cache-poisoning flaw. A bot-net is a network of computer infected by malware. Lithuania faced similar attacks earlier this week.
The second concern, according to Petropoulos, is that hackers would be able to redirect traffic away from financial institutions.
If a user attempts to access his bank online, he would instead be redirected to a "cloned site" that looked and acted just like the real site. Any user who attempts to log in to such a site would be handing over his login name and password, and possibly other sensitive information, directly to the hackers in control of the cloned site.
The third concern is that hackers may load the cloned site with malware, such as key-loggers, which could record all the information a user types into a computer and then transmit it to a hacker.
The best way for home users to protect themselves, Ferguson said, is to have a security software that has a "website reputation" feature built into it. Website reputations are often updated in real time and can warn users when they are redirected to a malicious site.
In a recently released report, TrendMicro said it had seen an increase in web threats. The company has predicted that attacks focusing on major social and news events, such as the Summer Olympics, the US elections, and even the back-to-school shopping season, will be on the rise.
Has your personal email account ever been hacked into? How did it affect you? Do you check for website's authenticity before providing you personal details? Tell us at letter2editor@gulfnews.com
Send us your comments
TERMS AND CONDITIONS
Gulf News may edit comments for length and clarity but will not change the tone of the message. Comments will only be accepted if all fields (including name) are filled correctly and the message isn't abusive, defamatory or offensive. The Gulf News website will only print your first name along with your comment. Please state in the message if you wish to remain anonymous. All comments sent may be forwarded for use in the Gulf News newspaper.
|
