RESPONSE TO CLASSMATE
- What commonalities do you recognize between the attack you researched and that of your classmate?
- Attacks are seldom entirely unique in their design and execution. What lessons can be learned from analyzing the similarities between your attack and your classmate’s?
The type would have been a domain hijacking attack. The owners of a TLD did not notice that a name server that they own was expiring and was about to enter Deletion status. When in Deletion status, one could listen in on encrypted traffic and redirect from websites registered to this domain to other, probably harmful websites. The ccTLD belonged to the Democratic Republic of Congo, but it couldve been any TLD since one needs to keep track of when name servers expire to not let it lapse. A security researcher and Co-found of security company, Detectify was doing a checkup of nameservers of ccTLDs when he found that .cd was about to expire and renewed it just in time before anyone else got a chance to exploit it. The effects of would-be attack would be detrimental to citizens and government officials of that country, as akin to a virus, it affects those who unknowingly try to access the site. A formerly trusted website will have its trust eroded, benefiting cyber criminals with personal information and financial gains, dispersion of fake news to a mass audience. These implications would have long-lasting effects and can last for decades, if not longer. A cyber criminal may not return the domain to its rightful owner unless somehow law enforcement could make them. A DNS-related attack such as hijacking could be chosen if the vulnerability was there and a simple attack is needed such as domain expiration and renewal. The would-be victim could have avoided this by keeping track of expiration dates and renewal them on time, having a few people to rely on for this sort of thing because it looks like no one in charge of the nameserver knew this was going to happen.
Is this the question you were looking for? Place your Order Here
