ICANN organisation staff members were tricked by emails that looked to be sent internally

ICANN, the organisation that provides the tools that allow the internet to work, has said that it was the victim of a cyber-attack that left many of its most important systems exposed.

The Internet Corporatation for Assigned Names and Numbers (ICANN) hands out IP addresses and domain names for the internet. It is, essentially, in control of the technology that translates the letters you put in the search bar into a proper website.

The attack used ‘spear phishing’ — sending emails to staff that appeared to have come internally, but were in fact from those attempting to gain access to the system. That gave the hackers access to the email credentials of several ICANN staff members, the organisation said in a post announcing the hack this morning.

With the email access, hackers were able to access a members-only Wiki page; the system used for the services that ICANN provides, many of which are key to the running of the internet; ICANN’s blog and the WHOIS database that stores information for who owns certain websites.

The organisation said that it was sharing the information not only as part of its commitment to openness and transparency but “also because sharing of cybersecurity information helps all involved assess threats to their systems”.