Saturday, April 21, 2012
ICANN: Domain Delay Not a Hack
ICANN's chief security officer said Friday that the issue that forced the organization to shut down its generic TLD application process was a bug, but not a hack.
In a staged video interview between Brad White, ICANN's director of global media affairs, and ICANN chief security officer Jeff Moss, Moss said there was no evidence of any malicious activity.
After analyzing all of the logs and looking for other indicators of malicious activity, "we didn't find anything," Moss said, that indicated it was a hack.
"We're very confident we understand what caused the issue, and we've corrected the issue," Moss said. Now, ICANN is poring through its logs, trying to identify who might have been affected, who might have viewed the information, and when.
Every applicant will be notified of their status, whether they were affected or not, Moss said.
On April 18, ICANN said that the issue arose when an applicant file was deleted. In certain cases, that allowed the name of another file, uploaded by a different user, to be exposed. "Certain data was being revealed to users, who were not seeking the data - it would just show up on their screen," Moss said Friday.
The number of file names or users affected is known, but it's "definitely a minority," Moss said. ICANN won't reveal the number at this time. Although the glitch was spotted on March 19, there was no way of knowing that it was a bug at that time, he said.
At issue is ICANN's plan to open up new generic top-level domains (gTLDs). At this point, there are 22 gTLDs, including .com, .org, and .net. In June, however, ICANN approved a plan that would allow people to apply for new gTLDs, like .pcmag, for example.
ICANN has been accepting gTLD applications via its TLD Application System (TAS) since Jan. 12 and was scheduled to close up shop on April 12, but the glitch prompted a temporary shutdown.
Why did ICANN take the system offline? It was the safest thing to do, Moss said.
"So without knowing if it was a security incident, without knowing if it was a data corruption problem, the safest thing to do was to take it offline," Moss explained. "The problems, had we kept it running only to find out it was a bigger problem down the road, would have been catastrophic."