In the process of analyzing the mechanisms behind Internet addresses, some security experts discovered that hackers could control over one-third of websites using simple techniques. Consequently, they are calling for a “major overhaul” of the domain name structure to address these issues.
Whenever users access a website, their computers query one of the “Net directories” or domain name servers to determine the site’s location. According to Professor Emin Gun Sirer at Cornell University, an average of about 46 computers (which store various pieces of information about the components of an Internet address) are queried to find the actual location of a dotcom site. However, the links between these management systems reveal numerous vulnerabilities, making it easy for hackers to exploit and take control.
A research team at Cornell University analyzed nearly 600,000 computers and confirmed that 17% of the servers managing Net address directories were also affected by ordinary exploitation using simple command codes.
The website of the U.S. Federal Bureau of Investigation (FBI) has been impacted by this flaw. Although the five computers referencing the fbi.gov page were secure, one of them was linked to systems that had not yet patched previously reported vulnerabilities. This computer was fixed after Sirer informed the FBI, but hundreds of thousands of other sites are still facing similar issues.
Sirer asserts that if these exploits are combined with Distributed Denial of Service (DDoS) attacks, 85% of the Internet could be at risk of being controlled. At that point, users would have no choice but to query website addresses through compromised servers.
“It’s possible that hackers have already done this without our knowledge,” Sirer said. “The domain name system has succeeded beyond our imagination, but nonetheless, it is nearing its end. We need to consider a new Internet address system that replaces the current hierarchical structure with a robust and harder-to-control peer-to-peer structure.”
T.N.
