India’s biggest software exporter Tata Consultancy Services (TCS) became a victim of cyber attack on Sunday, after the company’s website was hacked and the domain name was put up for sale. While in the recent past, hackers have attacked top government websites, including telecom regulator’s trai.gov.in, this is the first time a large IT company’s website has been hacked.
The company’s official website www.tcs.com displayed the message ‘this domain name is for sale’ for nearly three hours, before the portal was restored by around 7 am. TCS spokesman said the attacks happened at the domain name registrar’s end, which is Network Solutions in this case. Network Solutions is one of the top five domain name registrars on internet, managing almost 6.4 million domains.
“The TCS website www.tcs.com was disrupted. Subsequently, it has been restored and is functioning fine. None of the servers were compromised. Initial investigation reveals a DNS redirection at the domain name registrar’s end. Further investigations are on,” said a TCS spokesperson.
A denial of service attack makes a website or a computer unavailable for target users, traditionally aimed at high-profile banks, credit card companies, government portals and other corporates. By hacking a domain name, hackers are able to redirect users of the website to a completely unrelated IP address, primarily for the purpose of phishing.
When one types the name of a website on the address bar, it travels to a domain name server (DNS) where it is looked up for the IP address that comprises of sets of numbers. This server then redirects it to the right server where the pages reside. These servers are similar to a directory which redirects all users to the right server where web pages reside.
Such denial of service could have been possible due to two-three reasons, the DNS server could have been attacked/ hacked or the cache was hijaked, taking advantage of some loopholes in the system.