LinkedIn outage prompts security concerns

The website's domain name was temporarily redirected to a different server

LinkedIn's domain name was temporarily redirected to a third-party server Thursday, which resulted in a service outage and potentially put user accounts at risk of compromise.

Uptime monitoring service Pingdom recorded that LinkedIn was unavailable between 2:21 a.m. and 6:16 a.m. U.K. time. Some users trying to access the website saw a domain parking page offering the domain for sale, according to user reports on Hacker News.

During the outage, LinkedIn's customer service team said on Twitter that the problem was caused by a DNS (Domain Name System) issue, but did not specify why it occurred.

Bryan Berg, co-founder of the App.net social feed service, described the issue as a DNS hijacking and said that LinkedIn's traffic was directed to the network of a company called Confluence Networks. Because LinkedIn does not use SSL by default, users who tried to access the site during the incident might have exposed their session cookies in plain text to another server, he said.

Session cookies are text files containing unique IDs that websites set in browsers in order to remember authenticated users. Attackers who steal a user's session cookie can put it into their own browser and access that user's account.

"Starting few hours ago, we received reports about some sites (including linkedin.com) pointing to IPs [Internet Protocol addresses] allotted to our ranges," Confluence Networks said in a notice published on its website. "We are in touch with the affected parties & our customer to identify the root cause of this event."

Confluence Networks describes itself as a colocation and network services provider that has business relationships with data centers in various geographical regions.

In a later update, the company noted that it received verification that the issue was caused by human error and was not security related.

The company did not immediately respond to a request for comment seeking more information about the incident and the names of other websites that have been redirected to its network.

"For a short time early on Thursday morning, linkedin.com was not accessible to a majority of our members," LinkedIn spokesman Darain Faraz said via email. "We have been told by the company that manages our domain that this was due to an error made on their end. Our team was able to quickly address the issue, and the site is returning to normal."

From a technical standpoint, the incident could have security implications for LinkedIn users, according to Bogdan Botezatu, a senior e-threat analyst at security vendor Bitdefender.

"As the hijack took place at the DNS level, chances are that the cookies have been sent to the wrong website if the user has not enabled the SSL security feature via the LinkedIn Account Settings," he said via email.

Unlike other online service providers such as Google or Twitter, which use HTTPS (HTTP Secure) by default for all connections and therefore encrypt them with SSL, LinkedIn supports SSL only as an option.

Cookies have an attribute called "Secure" that can be used to instruct the browser to only transmit them over secure, HTTPS connections. However, if SSL is not used, cookies have the Secure value set to false and can be sent in plain text over HTTP, Botezatu said.

"Since LinkedIn cookies appear to have a lifespan of roughly three months and we don't know whether they have been collected by the rogue end-website, changing the account password would be the wisest choice now," he said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags online safetyGooglesecurityLinkedInAccess control and authenticationtwitterbitdefender

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?