In response to the news that hackers claiming to be from the "Lizard Squad" have launched a cyber attack against the Malaysia Airlines website, I have the following comments from security experts at Tripwire and Proofpoint:
Craig Young, security researcher at Tripwire, says: “A DNS hijack attack can in some cases be used to compromise user data. Depending on the site design, authentication tokens and passwords may be sent to the rogue server. DNS hijacking is also a common tool for government censors looking to perform man-in-the-middle attacks. (Think China's recent interception of Outlook.com.)
In this case, however, I think this was more of a prank than an attempt to compromise user data. Some of us who have been around in the industry a few years may remember a similar, although more technical, attack against the AirTran web site. In that case, the airline's site was defaced with a tasteless image of a fiery plane in 1997 as a reference to ValuJet flight 592, which had crashed in the Everglades.
In this case it would seem that the attackers (Lizard Squad presumably) were caught up in an act of chest-thumping to show off their capabilities similar to the recent wave of DDoS attacks against gaming networks.
Unfortunately DNS is a fundamental flaw in the security of the Internet. As we saw in 2013, even the sites of knowledgeable security professionals like HD Moore can be hijacked due to weakness in the registrar systems. Companies worried about this type of attack should carefully review the security practices of their registrar and make sure that a legitimate authority is contacted before records can be altered. Many services also exist to monitor and alert on unexpected DNS changes to expedite the recovery process.”
Kevin Epstein, VP of Advanced Security and Governance at Proofpoint, said: “While unlikely to have compromised customer data, this attack is illustrative of the type of brand damage possible from Social Media hacks, website hacks, or other ‘defacement’ attacks. Any compromise that raises any questions of corporate security is detrimental to an organization’s brand equity, particularly consumer-facing brands.”