For years, hackers have abused the registration process to obtain new domain names which they then use to orchestrate cyber intrusions. Today, if attackers can hijack an existing customer domain at any of these companies, they can also reroute email and web-based communications, obtain confidential information and disrupt communications. And if they are able to compromise administrative infrastructure for DNS service providers themselves, they can cause potentially massive chaos, including for entire government and military domains.
These recent alerts and attacks highlight an under-appreciated cyber security vulnerability in the global domain name system. Two years ago, the Global Commission on the Stability of Cyberspace, which I co-chair, called on both state and non-state actors not to threaten the integrity of the public core of the internet.
We now need concerted international action to address the risk to essential DNS infrastructure and reduce the opportunity for bad actors to disrupt services critical to the way we communicate and trade today.
Read the full article here.