Google Malaysia’s homepage is back to normal after going down for almost 24 hours yesterday. Users trying to access the site from a desktop computer were redirected to a page proclaiming that it had been hacked by a Bangladeshi group. MYNIC, the .my domain name administrator who was the real victim of the attack, has issued a statement about what happened.
As it was first suspected, the Google.com.my suffered from a DNS redirect at MYNIC’s servers. MYNIC CEO, Hasnul Fadhly Hasan said “Our initial investigations found that the redirections are done through unauthorised modifications at DNS level. Our team now is taking all necessary measures to monitor the situation and prevent further issues. We can assure customer’s data is not affected by today’s incident.”
MYNIC and the Malaysian Communications and Multimedia Commission (MCMC) managed to resolve the issue within 24 hours; although the two have warned that some users may continue to experience disruptions when using Google Malaysia.
Hasnul has said that MYNIC has now implemented two factor authentication for its servers, in order to increase security. It is also looking into adding more layers of DNS validation to ensure that this does not happen again. Considering that MYNIC has suffered at the hands from the same group of hackers twice in two years, these security measures feel a little too late.
Neither MYNIC nor MCMC has revealed how the hackers managed to access the servers and alter the DNS information. However, the security measures put in place seem to indicate that the hackers managed to get their hands on an administrator password, instead of any particularly sophisticated cyber-attack method.
It should be noted that Google Malaysia was not the only domain affected in the attack. Yahoo Malaysia also fell victim to the same DNS redirect, although the fact that social media did not pick up on it speaks volumes about how relevant that site still is.
There has been no information as to who keep hacking MYNIC, despite the fact that the group has apparently come back for round two after a couple of years. MCMC has not spoken about conducting an investigation into the matter, although one would expect that it would happen in situations like this.