[AfrICANN-discuss] Google blames DNS insecurity for Web site defacements

Anne-Rachel Inné annerachel at gmail.com
Sat May 16 09:38:10 SAST 2009

May 15, 2009
Google blames DNS insecurity for Web site defacements Traffic to Google
sites in Uganda, Morocco and Kenya was disrupted this week By Rebecca
Wanjiku | Computerworld Kenya


Domain Name System (DNS) insecurity caused the defacing of Google Web sites
in Uganda and Morocco, according to a Google spokesperson.

Earlier this week, both Google Uganda and Google Morocco were redirecting
traffic to different sites.

*[ Learn how to secure your systems with Roger Grimes' Security
Adviser blog<http://www.infoworld.com/blogs/roger-grimes?source=fssr>and
Central newsletter<http://www.infoworld.com/newsletters/subscribe?showlist=infoworld_sec_rpt&source=fssr>,
both from InfoWorld. ]*

"Google was not hacked, the problem occurred at the DNS level where someone
redirected the Internet Protocol to other sites. We contacted the registry
managers in Uganda and Morocco about the DNS attack," said Jay Nancarrow,
Google Global Communications Public Affairs officer.

"Yes, someone got hold of the DNS and interrupted service by redirecting
[the] Google Web site and a few other Web sites," said Charles Musisi,
managing director of Computer Frontiers, the operators of the .ug domain

Google services in Kenya were also temporarily disrupted, though Nancarrow
said the cause of disruption is yet to be identified.

The Google interruption has led to debate about whether Internet service
providers and registry operators were monitoring the security threats posed
by hackers and other malicious attackers.

"Issues of DNS cache poisoning are common in East Africa. ISPs do not take
security seriously, which makes it easier for malicious hackers," said Tyrus
Kamau, a network security consultant.

John Gichuki, a security expert who has helped set up security safeguards
for companies in East Africa, says that the level of security depends on the
security policies set by the information security department in an

"ISPs should have security assessments done; physical and operational
security; they should be in a position to monitor traffic going through
their routers and servers," said Gichuki.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.afrinic.net/pipermail/africann/attachments/20090516/d5d46898/attachment-0001.htm

More information about the AfrICANN mailing list