Get Started Today!  (954) 834-2800

croom new

KB Technologies Blog

KB Technologies has been serving the Deerfield Beach area since 2002, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

How the Democratic Republic of Congo Provided a Security Case Study

How the Democratic Republic of Congo Provided a Security Case Study

Preserving cybersecurity requires the person responsible for doing so to consider every component and connection associated with their technology, down to the smallest minutiae. Let’s consider a sizable example that comes from a narrowly avoided disaster in the Democratic Republic of Congo, that could have potentially left millions of Internet users exposed to serious threats.

Before we begin, it is important to understand how websites work, as it pertains to the nature of the threat.

How a Web Browser Actually Works

On the surface, navigating to a website is a somewhat straightforward process: type in the URL, hit Enter, and you’re off to the races, right?

Maybe so. However, this simple interaction hides a much more involved process taking place behind the scenes.

When we think of a website, as users, we think of a certain name, like Google or Facebook or what have you. That’s known as the domain name, and it isn’t what your Internet browser uses to find the website you want. Your browser operates via something known as an Internet Protocol (IP) address. While IP addresses are way too in-depth to review in full here, all we have to keep in mind is that they’re kind of like the coordinates to the websites that your browser is attempting to find.

IP addresses are made up of a series of numbers, which are more challenging to remember than a name. Therefore, something known as nameservers exist: they help connect the URL we know to the IP address your browser recognizes.

Each time you type in a URL, your browser references a nameserver to match it to the IP address of the correct webserver. Once it does so, it can request the content you want. In this way, the nameserver is effectively your browser’s translator—taking your input and converting it to be understood.

That’s what makes the nameserver so important to the function of the Internet, and why these nameservers are so important to keep secure. This importance is only exacerbated when the nameserver controls a top-level domain—the “.com”,”.net”, “.org” or whatever the case may be.

So, if an attacker were to get control of a top-level nameserver, man-in-the-middle attacks would be far too easy for cybercriminals to use to redirect web traffic to malicious websites.

The Situation in the Democratic Republic of Congo

A security researcher named Fredrick Almroth noticed that one of the nameservers controlling a top-level domain for the Democratic Republic of Congo—specifically, the one controlling the .cd country code—was due to expire. With an expiration date set in mid-October, the government would have a limited time after that to claim the nameserver domain scpt-network.com. Almroth took it upon himself to monitor the domain.

Once December was soon to end, Almroth picked up the domain to keep it safe from attackers. Since the domain’s other nameserver was still operational, all Almroth had to do is timeout any requests to the expired nameserver and redirect them to the operational one.

The Risks Involved

If Almroth had not claimed the nameserver’s domain, an attacker may have. In doing so, this attacker could then intercept all traffic that was directed toward any .cd domain, even if it were encrypted. An attacker in this position would therefore have a truly frightening level of power over thousands of websites.

The Congolese government wound up cutting their losses and setting up a new domain, so there was fortunately never a time that the .cd domain was at risk.

What Your Business Can Take Away from This

Simply put, technology is a complicated thing, and this opens a lot of opportunities for cybercriminals to exploit.

This incredibly resourceful class of criminal isn’t above using cheap tricks to infiltrate their targets, and most of them aren’t particular about the size of a given target. Some attackers focus on small businesses while some aim higher at government infrastructures. This is what makes it so important that all organizations have some resource to turn to that can see to their efficiency and cybersecurity alike.

KB Technologies Managed IT is here to be that resource for you. Our team focuses in on the IT used by our clients to help resolve issues, whether operational or security-based, to ensure that nothing goes by unnoticed. To learn more about what we can do for you, reach out to us at (954) 834-2800.

Tired Of Annoying Computer Problems That Keep Coming Back?

Some of Our Favorite Google Docs Features
Why a BDR is Essential for Any Business
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Guest
Friday, November 08 2024

Captcha Image

Reach Out Today!

First Name *
Last Name
Email *
Company Name
Phone *
Comments

Mobile? Grab this Article!

QR-Code dieser Seite

Latest Blog

We’re all hooked on our devices. You likely wouldn’t think about driving an hour each way to retrieve your smartphone if you left it at home and would otherwise be without it for a couple of days. It’s not even an option to go that long without access to your phone nowadays....

Latest News

KB Technologies Managed IT is proud to announce the launch of our new website at http://www.kb-it.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...