NSI's Web site hacked

Hackers struck major linchpins in the Net's address system, redirecting Network Solutions visitors to another site and apparently attacking servers operated by the Net's new technical administrator.

3 min read
Hackers struck major linchpins in the Internet's address system today, redirecting Network Solutions visitors to one of its future ".com" competitors and the new body in charge of managing the Net's technical functions, crippling that site too, according to NSI executives.

The world's dominant domain name registrar, NSI discovered that its various sites were down about 2 a.m. PT today and that they were automatically sending surfers to a hopeful registrar, the Internet Council of Registrars (CORE), and the Net's new administrator, the nonprofit Internet Corporation for Assigned Names and Numbers.

NSI's main site still appears to be malfunctioning, although the company said its system has been restored. ICANN's site also was inaccessible this morning, possibly due to increased traffic from NSI's visitors.

ICANN also runs the Net's "L root" server, one of the 13 servers that comprise the worldwide network, but its technical administrator said there was no indication so far that ICANN's systems had been hacked too.

"It was a hack. We're investigating it, and the FBI is involved," NSI spokesman Brian O'Shaughnessy said. "The FBI told us that they are on their way to the ICANN's building in Southern California now to secure the servers because there could have been a hack on their end."

Specifically, the FBI is looking into an Internet service provider located in the same Marina Del Ray building as ICANN, SoftAware, which NSI says--based on its initial investigation--appears to be the launching pad for the hack.

The Commerce Department and other international governments have anointed ICANN to administer the Net and to trigger competition in domain name registration, which Network Solutions has dominated since 1993 under a U.S. government contract. Both entities are responsible for the Net's most critical function: the domain name system that allows online users to call up Net and e-commerce sites by typing in names ending in ".com," ".org," and ".net."

The hack is a sober reminder of the Web's vulnerability, even among companies and government agencies equipped with state-of-the-art security technology. Government entities from the White House to the National Weather Service have come under a rash of computer system attacks in recent months.

In July 1997, a hack redirected NSI visitors to a site called AlterNIC, which aimed to compete with Network Solutions by offering alternate domains, such as ".ltd," ".sex," and ".med." AlterNIC's founder, Eugene Kashpureff, who exploited a security hole to "hijack" NSI's site, pleaded guilty in March 1998 to one count of computer fraud in the incident.

Most of the 5 million domain names registered by NSI have been facilitated through its partners, such as Internet access providers. But of the approximately 10,000 names registered per day, about 3,000 are registered through NSI's own site. And at $119 for a two-year registration, the company could potentially lose thousands of dollars for the time that it was not in operation.

CORE, one of five initial organizations chosen to compete with NSI directly by tapping into its registration system, alerted site visitors about the hack and said it would pursue its perpetrators.

"These problems seem to be the result of illegal acts by hackers," CORE stated. "CORE strongly condemns these acts and may take legal action against the perpetrators."

Today's hack will no doubt fuel the fire for legislation to improve computer security, such as the House Science Committee's Computer Security Enhancement Act, which was introduced yesterday.