CERT downplays hacker attacks

No complaints have been made regarding the hacking of the DNS servers of many international company websites by the Sri Lankan branch of Anonymous while no serious effects have yet to be felt following the breach, the Computer Emergency and Readiness Team (CERT) stated.

Speaking to Ada Derana, Senior Information Security Engineer of CERT, Rohana Palliyaguru stated that the hackers have not had a serious effect on the websites and were merely boasting through the statements they had made.

He also denied that any of the CERT websites had been affected while stating that no Sri Lankan websites had been attacked yet.

The Sri Lankan branch of Anonymous claims to have hacked into the DNS servers of Symantec, Apple, Facebook, Microsoft, and several other large organizations over the past few days.

Posting the news and records of its exploits on Pastebin, the group is taking credit for launching “DNS Cache Snoop Poisoning” attacks against its victims.

DNS cache snooping is the process whereby hackers can query a DNS server to find out which domain names are being resolved into IP addresses.

DNS cache poisoning is a method through which hackers are able to insert malicious and fake records into the cache of DNS servers. As a result, the hackers can then spoof a response to a DNS query, forcing users to go to a phony Web site instead of the real one.