Nominet probes network intrusion linked to Ivanti zero-day exploit

UK domain registry Nominet is investigating a potential intrusion into its network related to the latest Ivanti zero-day exploits. Nominet told customers via an email sent on January 8, which was seen by The Register: "We became aware of suspicious activity on our network late last week. The entry point was through third-party …

  1. Lon24

    Starter for Ten

    Nominet is just the first of n - where n+1 might be nearer the number of targets.

    Nominet should have, and probably has, one of the strongest security layered system structures of any company. Compromising a Domain Registry is getting close to a zero day for the internet (or at least the UK section of it).

    Reading between the lines of Nominet's letter and touching wood - those layers appear to have held and the threat detected - and presumably reported back to the vendor rather than the other way round. Others may not be so lucky - yet only one public report to the NCSC? If you are using the product, the NCSC protocols pretty much make that mandatory if the exploiter could access production systems through possibly compromised credentials or similar.

    1. Nate Amsden

      Re: Starter for Ten

      There have been stats passed around for years that suggest a large number of intrusions take upwards of 6 months to detect on average. Unless the attackers resort to destructive things right away following intrusion.

  2. Will Godfrey Silver badge

    Choice wording

    'No evidence' of data theft doesn't automatically mean it hasn't happened.

    1. Lee D Silver badge

      Re: Choice wording

      Quite.

      There is no evidence that I ate all the Christmas chocolates myself.

      (chew, chew, munch, swallow).

      None whatsoever. No, you can't look in my bin.

  3. damo2929

    Not surprised

    As a former Nominet employee who left in 2019, I would say I am not surprised.

    If you outsource your security and innovation, and ignore your own staff's experience and expertise, then you get this.

    Nominet management needs to learn that they are completely useless and need to refocus on the basics.

    The question here is why they were still using an SSL VPN service instead of zero trust.

    They started it with the registry and were going to implement YubiKeys, but it looks like they didn't follow it through.

    So, @nominet, when did you contact us all directly to tell us that our data has been compromised? As it seems you have only contacted a select few, as normal.

  4. harrys Bronze badge

    Bets on who gets paid the most out of this ...

    1. Mandiant

    or

    2. the public relations consultants who are managing the flow of info now

    Methinks the latter, their grubby little hands are all over the info releases ...

    Rule number uno... drip feed the flow of *already known* damaging info .... "We will update you when our investigation concludes, or as necessary,"

    the only difference here being "or as necessary" ... arrogant sods
