This event comes at a time when the United States Government is saying that cyberspace is the next frontier for "organized" military/terrorist organizations to attack US critical infrastructure. Most probably don't think that Twitter is critical, however this does represent a formidable day in the cyber war. Although there have been other organized attacks to date, this is one of the most high profile instance of a politically motivated group attacking a website. Whether it is the so-called "Iranian Cyber Army" or a random group of mischiefs, this illustrates how vulnerable sites are to attack.
According to Twitter, the attack was accomplished by temporarily compromising the Twitter DNS records via DNS hijacking, to redirect incoming www.twitter.com to another webpage which was likely hosted on a free web hosting server, which hasn't been identified as of yet. DNS hijacking or DNS redirection is the proactive act of redirecting the resolution of Domain Name System (DNS) names to IP addresses from legitimate DNS servers to rogue DNS servers. This is done particularly for the practice of injecting malware into unsuspecting computers, pharming, phising or defacing.
This appears to only have been a successful defacing attack, the attacker could have just as easily created a fake twitter page, and pharmed or phished information from users. Those users would have unknowingly divulged their username and password to the attackers, and potentially their private tweets.
The question is: What is next from the Iranian Cyber Army?
Post a Comment