Feds pull the domain name plug on state of California
IDG News Service - SAN FRANCISCO -- The federal government pulled the plug on the Web domain name used by the state of California on Tuesday, setting into motion a chain of events that threatened to grind government business to a standstill within the state.
State IT staffers were able to fix the problem within a few hours, narrowly averting disaster, but the situation shed light on what observers are calling a shocking weakness in the state's IT infrastructure.
The story behind the shutdown, and how the U.S. General Services Administration (GSA) came within hours of shutting down the California state government's Internet presence, is a complex one but, as with many stories on the Internet, it begins with pornography.
In early September the Transportation Authority of Marin, a 10-person agency charged with managing transportation funding in California's Marin County, discovered that the servers that handled the agency's Web and domain name service had been hacked and were being used to create links to pornographic Web sites.
Domain name servers are used to translate the domain names we type into our browsers into the numerical IP addresses used by computers. Together these Domain Name System (DNS) servers form a database to tell all of the computers on the Internet how to find each other. In the case of the Transportation Authority, there was one authoritative server responsible for telling all other DNS servers where to find computers operating within the tam.ca.gov domain.
The agency spent a frustrating two weeks trying to get its Internet service provider, StartLogic Inc., to resolve the problem, said Dianne Steinhauser, executive director of the Transportation Authority of Marin. Then, in mid-September, it delegated domain name server authority for the Transportation Authority's domain to the ca.gov name server, run by the state's Department of Technology Services, she said. That meant that the state's servers and not StartLogic's were now responsible for keeping the authoritative domain record for tam.ca.gov.
Unfortunately, it also meant that if an outside observer believed that the DNS server responsible for tam.ca.gov had been hacked, he might have assumed that the ca.gov name server was compromised as well. And that, apparently, is where the trouble really began for the state government.
On Tuesday, at around 2 p.m., the federal organization responsible for managing the .gov top-level domain pulled the plug on the ca.gov domain, according to Jim Hanacek, a public information officer for California's Department of Technology Services. The "ca.gov domain was removed as a valid address by the federal General Services Administration, who has an office that oversees the use of the .gov domain," he said.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Data on the Move = Business on the Move; How Strategic Secure Managed File Transfer Adds Value and Drives Business This whitepaper describes the formal and informal file-sharing methods business employees use to perform their daily functions and explains that, from sending small...
- Infographic: Converged Infrastructure Benefits This Infographic quantifies the savings organizations are realizing from increased deployment speed, higher availability, and lower annual costs.
- CIOs Deliver Productivity Breakthroughs with Intelligent Digital Signage Retailers have long recognized the influence that digital signage provides over a shopper's point-of-purchase decision making process.
- Going Paperless? Here's What You Need to Think About As makers of some of the world's most popular PDF solutions, we often consult with businesses & governmental agencies that have the goal...
- Supercharge Your Web and Mobile App Development with High-Productivity Hybrid Cloud Webinar: Hear from industry experts about the amazing power at the intersection of next-generation web and mobile application development and cloud platforms.
- Building Tomorrow's Infrastructure Listen to this podcast to discover how Crider Foods worked with PC Connection to update their IT infrastructure, while maintaining compliance and control. All Internet White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!