Multiple hacks against the .com manager

VeriSign has admitted that they were hacked numerous times in 2010. This revelation has come late for the .com manager who had previously believed that their DNS infrastructure hadn’t been compromised.

Updated by Reuters, admitting that such events took place has taken its time, with the information being filtered and presented in financial documents published in October 2011 which revel that repeated cyber-attacks date back to 2010 with some of these being successful. This will surely concern users as the hackers managed to affect VeriSign.

Based in Virginia in the United States, the company is responsible for managing the .com extension and operates root DNS servers. The attacks didn’t manage to compromise the server network which manages domain names. This is what VeriSign believes, although it is difficult to prove. In addition to this, VeriSign hasn’t ruled out that information relating to the DNS network hasn’t been stolen.

DNS is the system that matches web site addresses with their IP address. If the DNS network was compromised, cybercriminals would be able to redirect internet users to the pages that they operated instead of some of the normally most visited sites in the world. Once this has been done, users would run the risk of being infected with malware.

VeriSign has numerous activities and sold their SSL certificate division to Symantec in 2010 (the VeriSign brand was kept). These certificates make up a trusted chain between the user and an authentication server, assuring the integrity of data being transferred between the visitor and the secure site. According to Symantec, there is no threat to the system.

Besides the stream managed by VeriSign which were attacked, what is most shocking in this affair is the time it took between the events taking place and when they were divulged to users, especially with the announcement being hidden in documents filed with the U.S. Securities and Exchange Commission.