Sea Turtle DNS Hijacking Threatens The Internet

A new and highly skilled team of hackers spying on dozens of government targets is never welcome news, but one team of cyberspies has pulled off that scale of espionage with a rare and troubling trick, exploiting a weak link in the internet's cybersecurity that experts have warned about for years. It is DNS hijacking, a technique that meddles with the fundamental address book of the internet.


Researchers at Cisco's Talos security division has revealed that a hacker group calling itself Sea Turtle carried out a broad campaign of espionage via DNS hijacking, hitting 40 different organisations. In the process, they went so far as to compromise multiple country-code top-level domains—the suffixes like .co.uk or .ru that end a foreign web address—putting all the traffic of every domain in multiple countries at risk.


The hackers attacked telecoms, internet service providers and domain registrars responsible for implementing the domain name system. But the majority of the victims and the ultimate targets, Cisco believes, were a collection of mostly governmental organisations, including ministries of foreign affairs, intelligence agencies, military targets, and energy-related groups, all based in the Middle East and North Africa. By corrupting the internet's directory system, hackers were able to silently use "man in the middle" attacks to intercept all internet data from email to web traffic sent to those victim organisations.


Cisco Talos researcher Craig Williams says the Sea Turtle campaign is disturbing not only because it represents a series of brazen cyberspying operations but also because it calls into question that basic trust model of the internet.


"When you're on your computer and visit your bank, you assume DNS servers will tell you the truth," Williams says. "Unfortunately what we're seeing is that, from a regional perspective, someone has broken that trust. You go to a website and it turns out you don’t have any guarantee of who you’re talking to."

more news

Sweat in peace, don’t bleed in war…


Whether you believe it was General Patton, General Shwarzkopf or another historic figure who coined these words – the point it makes has never been more relevant than today in the world of business, as well as in the mindset of the military. Even if the violent imagery doesn’t reflect your business leadership style, please read on, because we all need to consider how strategic neglect can lose business fast - faster than ever in fact. The same impetus that can create business value quickly from nothing can return it to dust with a speed that defies human understanding.

read more

Smartphone, Dumb Owner? Strengthen Your Mobile Security


With the growth in the use of smartphones and tablets in the workplace and the increase in personal use for such things as online banking, cybercriminals are turning their nefarious attention to mobile devices. Internet security giant Symantec has revealed that mobile malware variants soared by 54 per cent in 2017 when compared to the previous year.

read more

Prepare Against Cyberattacks - There Are Resources Available


It is foolish, in the mostly digital world we now live in, to assume that there is someone available to bail you out. Quite simply the more digitalised we get, the more self-sufficient we need to become. Protecting our assets online has never been such an important aspect of any business. There are a multitude of sites, services and products available to help, Government Agencies, the police, National Cyber Security Centre all willing to help and spraying the internet with great advice.

read more

IT Managers Overwhelmed Fighting Cyberattacks - Sophos


A global survey, The Impossible Puzzle of Cybersecurity, carried out by Sophos reveals IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology.

read more