Computerworld

Domain name provider provider suffers hack attack

Internet address provider Network Solutions has been the subject of a hacker attack in which potential visitors to its Web site were redirected to a site operated by a group of potential NSI competitors - the Internet Council of Registrars (CORE).

Internet address provider Network Solutions has been the subject of a hacker attack in which potential visitors to its Web site were redirected to a site operated by a group of potential NSI competitors, an NSI spokesman said.

As of 5:00 a.m. Pacific Time on Friday, people trying to access NSI's Web site were redirected to the homepage of the Internet Council of Registrars (CORE), a group representing some 85 registries worldwide that hope to offer Internet address registration services that will compete with NSI's, according to NSI spokesman Brian O'Shaughnessy.

Depending on where on the Internet they were coming from, some visitors were also directed to the Internet Coalition for Assigned Names and Numbers (ICANN) Web site, a non-profit group appointed by the U.S. government to shepherd in a new system for assigning Internet addresses.

The hack is being investigated by the Federal Bureau of Investigation and by NSI's technical staff, O'Shaughnessy said. The problem is being fixed, but at noon Pacific Time today some visitors were still being redirected to the CORE and ICANN sites, he said.

The hack originated with a server hosted by an Internet service provider and former member of CORE, called SoftAware, in Marina del Rey, California.

"A (server) located here was hacked and used to give (NSI) a black eye," confirmed Jason Weisberger, chief technical officer with SoftAware. SoftAware is cooperating with NSI and the FBI to catch the perpetrator of the attack, he added.

SoftAware's data center happens to be located in a building that ICANN also uses for one of its offices, O'Shaughnessy said. NSI "absolutely does not" have reason to believe that SoftAware, CORE or ICANN were involved in the attack, O'Shaughnessy said.

ICANN could not immediately be reached for comment.

CORE has posted a statement on its Web site at http://www.corenic.org, in which it informs visitors they may have been redirected to its site as a result of "illegal acts by hackers."

"CORE strongly condemns these acts and may take legal action against the perpetrators," the statement reads.

Until last month, the system for assigning Internet addresses -- known as domain names -- was managed exclusively by NSI under a 1993 contract with the U.S. government. ICANN was set up by the administration of U.S. President Bill Clinton to oversee the creation of a new, competitive system in which NSI will be one participant. On June 7, register.com became NSI's first competitor. [See "UPDATE: Register.com Cans NSI's Domain Monopoly" June 7]

NSI, in Herdon, Virginia, is at http://www.nsi.com/. ICANN is at http://www.icann.org/.