LinkedIn outage prompts security concerns

The website's domain name was temporarily redirected to a different server

LinkedIn's domain name was temporarily redirected to a third-party server Thursday, which resulted in a service outage and potentially put user accounts at risk of compromise.

Uptime monitoring service Pingdom recorded that LinkedIn was unavailable between 2:21 a.m. and 6:16 a.m. U.K. time. Some users trying to access the website saw a domain parking page offering the domain for sale, according to user reports on Hacker News.

During the outage, LinkedIn's customer service team said on Twitter that the problem was caused by a DNS (Domain Name System) issue, but did not specify why it occurred.

Bryan Berg, co-founder of the App.net social feed service, described the issue as a DNS hijacking and said that LinkedIn's traffic was directed to the network of a company called Confluence Networks. Because LinkedIn does not use SSL by default, users who tried to access the site during the incident might have exposed their session cookies in plain text to another server, he said.

Session cookies are text files containing unique IDs that websites set in browsers in order to remember authenticated users. Attackers who steal a user's session cookie can put it into their own browser and access that user's account.

"Starting few hours ago, we received reports about some sites (including linkedin.com) pointing to IPs [Internet Protocol addresses] allotted to our ranges," Confluence Networks said in a notice published on its website. "We are in touch with the affected parties & our customer to identify the root cause of this event."

Confluence Networks describes itself as a colocation and network services provider that has business relationships with data centers in various geographical regions.

In a later update, the company noted that it received verification that the issue was caused by human error and was not security related.

The company did not immediately respond to a request for comment seeking more information about the incident and the names of other websites that have been redirected to its network.

"For a short time early on Thursday morning, linkedin.com was not accessible to a majority of our members," LinkedIn spokesman Darain Faraz said via email. "We have been told by the company that manages our domain that this was due to an error made on their end. Our team was able to quickly address the issue, and the site is returning to normal."

From a technical standpoint, the incident could have security implications for LinkedIn users, according to Bogdan Botezatu, a senior e-threat analyst at security vendor Bitdefender.

"As the hijack took place at the DNS level, chances are that the cookies have been sent to the wrong website if the user has not enabled the SSL security feature via the LinkedIn Account Settings," he said via email.

Unlike other online service providers such as Google or Twitter, which use HTTPS (HTTP Secure) by default for all connections and therefore encrypt them with SSL, LinkedIn supports SSL only as an option.

Cookies have an attribute called "Secure" that can be used to instruct the browser to only transmit them over secure, HTTPS connections. However, if SSL is not used, cookies have the Secure value set to false and can be sent in plain text over HTTP, Botezatu said.
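The following is an added example, not part of the original article. It parses `Set-Cookie` headers and models the browser rule described above to show which cookies would go out in plain text on an `http://` request. The cookie names, values and the `example.com` domain are constructed for illustration.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

# Constructed sample headers (not captured from any real site).
SAMPLE_HEADERS = [
    "session_id=abc123; Domain=.example.com; Path=/; Max-Age=7776000",
    "auth_token=def456; Domain=.example.com; Path=/; Secure; HttpOnly",
]


def parse_set_cookie(header):
    """Parse one Set-Cookie header value into (name, Morsel)."""
    jar = SimpleCookie()
    jar.load(header)
    return next(iter(jar.items()))


def would_send(morsel, url):
    """Browser rule: a cookie marked Secure is attached only to https:// requests.

    Domain matching is not modelled: in a DNS redirect the hostname in the
    URL is unchanged, so the domain check passes regardless of which server
    answers. Only the Secure flag keeps the cookie off a plain HTTP request.
    """
    return urlsplit(url).scheme == "https" or not morsel["secure"]


def audit(headers, url):
    """Return the cookies a browser would attach to a request for `url`."""
    exposed = []
    for header in headers:
        name, morsel = parse_set_cookie(header)
        if would_send(morsel, url):
            max_age = morsel["max-age"]
            exposed.append({
                "name": name,
                "httponly": bool(morsel["httponly"]),
                # Lifetime in whole days, or None for a browser-session cookie.
                "days": int(max_age) // 86400 if max_age else None,
            })
    return exposed


if __name__ == "__main__":
    for finding in audit(SAMPLE_HEADERS, "http://www.example.com/"):
        print("sent in plain text:", finding)
```
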

"Since LinkedIn cookies appear to have a lifespan of roughly three months and we don't know whether they have been collected by the rogue end-website, changing the account password would be the wisest choice now," he said.


Lucian Constantin

IDG News Service
