A hacking attack by the Syrian Electronic Army may have targeted the New York Times and other US media companies, but the weak link was Melbourne IT Ltd., a domain registrar that directs Internet traffic to the companies’ servers.
How can an assault on an obscure Australian Web-services provider lead to a more than 20-hour disruption at the Times’ website?
Melbourne IT and other companies like it occupy a central space in the day-to-day workings of the Internet. When a person or business buys a domain name — something catchy, like nytimes.com — that human-friendly designation is assigned an IP address, which serves as the real hosting location website. For the New York Times, that IP address looks like this: http://22.214.171.124.
Registrars such as Melbourne IT help direct the traffic from people typing in the URLs, saving us the trouble of remembering those clunky IP numbers. According to CloudFlare, a security firm working with the Times that posted a detailed description of yesterday’s attack, Melbourne IT, which has a reputation for better-than-average security, is the sixth- largest domain registrar in the world with about 2.5 million registered domains. GoDaddy is the dominant company among registrars — its 25 million domains give it a 31 percent market share.
Read more: SYDNEY MORNING HERALD