Hackers are exploiting a "serious flaw" in the architecture of the internet, says an online security firm. A vulnerability in the software which directs users to websites may mean some sites are offline over the next few days.
A bug was discovered in Bind some time ago, the BBC reports - and a patch is already available to fix the weak point and block the hackers. Unfortunately, says Daniel Cid of internet security firm Sucuri, many site owners have not yet applied it.
The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
Cid said: "Based on our experience, server software, like Bind, Apache, OpenSSL and others, do not get patched as often as they should. A few of our clients, in different industries, had their DNS servers crashed because of it."
The weakness in Bind allows hackers to launch DoS (denial of service) attacks on servers, bombarding them with so many requests for pages that they crash and have to be taken offline.
There is expected to be a flurry of such attacks over the next few days as hackers learn how to exploit the problem and make hay while the sun shines. Site owners will be scrambling to update their software.
However, Cid added that the situation was not disastrous, with the impact on most users minimal. Sites can still be reached via other routes, with cached addresses (those for sites a user has already visited) still working around the world.
He said: "It's not a doomsday scenario, it's a question of making sure the DNS structure can continue to work while patches are rolled out. Average internet users won't feel much pain, besides a few sites and email servers [being] down."
-
The dazzling coral gardens of Raja AmpatThe Week Recommends Region of Indonesia is home to perhaps the planet’s most photogenic archipelago.
-
Trump’s White House ballroom: a threat to the republic?Talking Point Trump be far from the first US president to leave his mark on the Executive Mansion, but to critics his remodel is yet more overreach
-
‘Never more precarious’: the UN turns 80The Explainer It’s an unhappy birthday for the United Nations, which enters its ninth decade in crisis
-
Why Britain is struggling to stop the ransomware cyberattacksThe Explainer New business models have greatly lowered barriers to entry for criminal hackers
-
Who are the new-wave hackers bringing the world to a halt?The Explainer Individual groups and nations are beginning to form concerning partnerships with new ways to commit cybercrime
-
Jaguar Land Rover’s cyber bailoutTalking Point Should the government do more to protect business from the ‘cyber shockwave’?
-
Airplane crash-detection systems could be vulnerable to hackersUnder the Radar 'The idea scares the shit out of me,' one pilot said
-
Elon Musk's DOGE website has gotten off to a bad startIn the Spotlight The site was reportedly able to be edited by anyone when it first came online
-
The Internet Archive is under attackUnder the Radar The non-profit behind open access digital library was hit with both a data breach and a stream of DDoS attacks in one week
-
How cybercriminals are hacking into the heart of the US economySpeed Read Ransomware attacks have become a global epidemic, with more than $18.6bn paid in ransoms in 2020
-
Language-learning apps speak the right lingo for UK subscribersSpeed Read Locked-down Brits turn to online lessons as a new hobby and way to upskill
