Cisco Talos Says a Nation State Is Behind Sea Turtle DNS Hijacking Attacks

April 17, 2019 / Jessica Lyons Hardcastle

Cisco Talos researchers say a nation state is likely behind a new cyberattack, dubbed Sea Turtle, that uses domain name system (DNS) hijacking to steal credentials and passwords for espionage.

While Talos won’t attribute the attacks to one particular nation state, “given the complexity involved, and the vast understanding of how DNS works, this clearly is the work of experts,” said Craig Williams, director of Talos outreach. “Had the attackers wanted to take down the DNS portion of the internet, they could have done so.”

The security researchers say that the attacks hit 40 different national security organizations in the Middle East and North Africa. But despite this specific reach, organizations in other regions should not discount the threat, said Williams. The reason for this is two-fold, he said. First, the Sea Turtle campaign targeted third-party entities — DNS registrars, telecommunications companies, and internet service providers — in t...