Inside the White House with D.C.'s most wired reporter. Sign up for Mike Allen's Axios AM.

Stories

Report: Massive internet address hijacking spree has ties to Iran

Iranian President Hassan Rouhani (middle). Photo: Iranian Presidency/Getty Images

FireEye reports that a multi-year, global campaign of hacking government, telecommunications and internet infrastructure systems has ties to Iran.

Why it matters: The previously untracked hacker group uses a technique known as "DNS hijacking," which is uncommon for campaigns of this scale.

Read more toggle
Show less
Go deeper131 Words

DNS, or the Domain Name System, is sort of like the internet's equivalent of a telephone operator switchboard. It changes web addresses like "axios.com" to numeric internet addresses.

  • DNS hijacking changes the record of domain names to point to different internet addresses, rerouting traffic to a different system the hackers have chosen.

Details: These attacks targeted dozens of victims in the Middle East and North Africa, Europe and North America, and were clustered between 2017 and the present.

  • The hackers used internet addresses in the attack previously used in attacks attributed to Iran, which FireEye notes implies a connection to Iran..
  • However, basing an attribution on internet addresses alone is not generally considered particularly strong, and FireEye is not ready to say outright that the attackers are Iranian.
Cybersecurity
More stories loading.