Researchers analyzing how the net’s addressing system works have revealed that simple attacks could let malicious hackers take over more than one-third of the net’s sites.
The number of computers that have to be consulted to find the computers where that site is located often makes sites vulnerable to attack by vandals and criminals, found Assistant Professor Emin Gun Sirer and Venugopalan Ramasubramanian from the Department of Computer Science at Cornell University.
Criminals such as phishing gangs could re-directing traffic from well-known sites so they can grab key login and personal details that would help them de-fraud web users.
Professor Sirer, says that, if attacks through known exploits were combined with other attacks malicious hackers could open up enormous amounts of the net to attack.
For instance, he said, hackers could use denial-of-service attacks to overwhelm the net address books that are secure. This could leave users’ computers with no choice but to look up website names via compromised servers.
By combining well-known attacks and denial-of-service attacks, 85% of the net’s domains become vulnerable to take over and 17% of the servers that host the net’s address books are vulnerable to attack via widely known exploits, reports BBC.
The researchers recommended big changes to the net’s addressing system to tackle the vulnerability at its heart.
"The domain name system has been incredibly successful so far but it is showing its age," he said. "We need to re-think the entire naming infrastructure of the internet."
The hierarchical structure of the net’s address books could be replaced with a more resilient system, he said, that uses a peer-to-peer type structure that would be harder to compromise.