[Cryptography] DNS subverted to spy on N Korea

Henry Baker hbaker1 at pipeline.com
Mon Jan 19 10:19:19 EST 2015


FYI -- If DNS is this easy to hack, we're all in big trouble; DNS needs to be secured ASAP.

"NSA secretly hijacked existing malware to spy on N. Korea, others"

http://arstechnica.com/information-technology/2015/01/nsa-secretly-hijacked-existing-malware-to-spy-on-n-korea-others/

One of the comments on this article:

"nider Smack-Fu Master, in training et Subscriptor"

"There were two things that stuck out to me from this article:"

"1. The NSA from the data they collected were able to "reverse-engineer" the zero day exploit and start using it themselves."

"2. The NSA were able to take control of a bot-net that was targeting, amongst others, an unclassified DOD network by poisoning DNS traffic on the public internet."

"This in turn tells me two things: no one can assume that a zero-day exploit that's been used is not known by other actors who have similar collection capabilities, and we need DNSSEC to protect ourselves from fraudulent DNS results."

"Any attack that can be used by a "friendly" actor, one must assume that the same can be used by an "enemy" actor.  It doesn't take too much imagination to consider a situation where instead of being used to take control over a bot-net, the same techniques could be used for corporate espionage, targeted attacks against individuals who either embarrass the actor, or whose views or message the actor wants to suppress."


