R E L A T E D   C O N T E N T
Similar articles
KnowledgeBANK
News centre
More from vnunet.com
ADVERTISEMENT

Hacking spree threatens ecommerce

Hackers have hijacked a series of high-profile internet sites in a move that security experts said could have serious implications for the development of ecommerce.

John Leyden, vnunet.com 14 Apr 2000
ADVERTISEMENT

Hackers have hijacked a series of high-profile internet sites in a move that security experts said could have serious implications for the development of ecommerce.

The hackers, who have not been identified, fooled domain name registrar Network Solutions into changing the registration of Domain Name System (DNS) servers at a range of sites causing a total loss of service.

Sites that were hit included those of Manchester United and adidas.

Front pages were replaced by a coat of arms with the title "Kosovo is Serbia", replacing corporate logos. The internet vandals also left the message "be happy if we hacked your site because we hack only the best sites on the internet".

Cheryl Regan, spokeswoman at Network Solutions, said: "There is an active investigation about unauthorised changes to domain registration which allowed people to effectively hijack websites."

Regan said Network Solutions had put in place measures to prevent the hijacking, but she admitted that the changes had not yet been eradicated as it takes several days for DNS changes to be updated throughout the internet.

She said suggestions that 2000 sites were affected were "much too high" but declined to give the actual figure.

Chris Royle, director at security integrator Objectronix, said implications of the domain name spoofing are serious because they show how easy it is to hijack and disable an ecommerce site.

"This is like someone walking into a bank without a debit card or ID and being given money from a stranger's account," said Royle.

In previous cases it was found that human error was to blame, where changes to domain registration could be made without any security checks taking place. Top-level registries need to start accepting greater responsibility, he added.

Paul Cronin, head of penetration testing at security consultants CenturyCom said: "This appears to be more a case of sloppy security procedures than poor technology."

He said that the hackers had probably made the change by sending a spoofed email from the address of the person who looks after the domain names and requesting changes to DNS server records.

Cronin said that Network Solutions must insist on verifying identities, and added that users should take up the option of providing instructions for domain name changes via encrypted emails.

"Security breaches such as these can be extremely embarrassing to the companies involved," said Cronin.

See also:

Ecommerce: where there's a will, there's a way
Although three out of four adults in the UK now use the internet in some shape or form, very few actually take the plunge and buy goods online. Julian Patterson looks at why ecommerce is not taking off in Europe as quickly as might be expected.  12 Jul 2000
Security: how safe is your data?
While security has always been an issue, the ability of organisations and individuals to keep their confidential data safe not only from prying eyes but also from attack is becoming an ever greater concern. The problem is becoming particularly marked as the world becomes more networked and companies conduct increasing amounts of business over the internet. Here we look at a range of issues that are starting to affect every one of us.  29 Jun 2000
The danger facing internet servers
The majority of servers that control the internet are vulnerable to attack, because some administrators are not updating security software.  29 Jun 2000
Ecommerce: back to the future
In the first of a weekly series of ecommerce special reports, Julian Patterson sets the scene with a time-warped retrospective written five years from now. In coming weeks, we'll be returning to the present with more down-to-earth reports on the ASP market, e-procurement, consumer services and m-commerce.  29 May 2000
VeriSign shares plummet after NSI takeover
VeriSign yesterday moved to buy domain name registration company Network Solutions (NSI), but within hours the value of the deal had dropped by a third.  08 Mar 2000
Network Solutions is cleared on both sides of Atlantic
Network Solutions said regulators from the EU and the US have closed their antitrust investigations into the dominant registrar of Internet addresses, without further action or inquiry.  03 Feb 2000
Famous names snatched after domain name glitch
Hundreds of domain names resembling well known names and trademarks have been registered by fast thinking Web users who spotted a glitch in the registration system.  07 Jan 2000
Hotmail bailed out after forgotten bill
Hotmail users had an unlikely hero to thank for restoring their service when it suffered a glitch on Christmas Eve - a Linux programmer and his credit card.  06 Jan 2000
Network Solutions ends domain name stalemate
by Jan Howells, VNU Newswire  28 Sep 1999
Abuse claims levelled at NSI
EC Commissioner pleads for end to feud with ICANN.  06 Aug 1999

All Hacking

Like this story? Spread the news by clicking below:

Post this to Delicious del.icio.us    Post this to Digg Digg this    Post this to reddit reddit!

Permalink for this story

M A R K E T P L A C E
Sponsored links
F E A T U R E D   J O B S
C#, GUI Developer – Fixed Income – Investment Bank
| Aston Carter
C#, GUI Developer – Fixed Income – Investment Bank. My client is seeking a strong C# ASP.Net developer to join their Fixed Income area and operate within one of the top tier investment banks in ... more >
Technical Project Manager / SDLC West London, £75k
| Computer People
Technical Project Manager / SDLC West London, £75k - (Software Development, SDLC), RUP Serious opportunity for hands on Technical Project Manager to join a leading blue chip organisation based in an easily accessible area of ... more >
C# Developer
| Computer People
C# Developer - Nottingham 4 Month Contract Market Rates I have an exciting opportunity for a C# ASP.NETDeveloper working for an established client within Computer People. Working from their offices in Nottingham you’ll be providing ... more >
International Assignment / Global Mobility / Expatriate Tax Manager - In-house Opportunity
| JAM Recruitment
Job Ref: AS/20356/TAX Package: c£60,000.00 + Bonus + Benefits Location: Middlesex Job type: International Assignment / Global Mobility / Expatriate Tax Manager Position type: Permanent Hours: Full-time Contact name: Andy Shaw Contact Company: JAM Mobility ... more >
More job opportunities
Accountancy Age
Active Home
Best Practice
Computeractive
Computing
Computing Business
CRN
Financial Director
Infomatics
Information World Review
IT Week
Management Consultancy
Network IT Week
Personal Computer World
PC Magazine
VNU Web seminars
vnunet.com
Webactive
What PC?
Useful links: About vnu network | Privacy policy | Terms & conditions
Access keys | Top of page | Feedback
VNU Business Publications
© 1995-2008 All rights reserved
VNU Business Publications Ltd., 32-34 Broadwick Street, London, W1A 2HG, is a company registered in England and Wales with company number 01513633
part of part of vnu.net europe