Hackers managed to break into the servers of a crucial web company responsible for delivering users to more than half the websites in the world. VeriSign doesn't believe the attackers infiltrated its Domain Name System network—which is responsible for directing traffic to .com, .net, and .gov addresses on the Internet—but it can't rule it out. The attacks occurred in 2010, but only came to light today, when Reuters spotted them in an October SEC filing.
"Oh my God," said a former NSA and Homeland Security official, when asked about a possible breach of the DNS. "That could allow people to imitate almost any company on the Net." He added that the description of the assault will lead officials to "assume that it was a nation-state attack." Even if the DNS is safe, VeriSign's other businesses are sensitive as well—it protects customer data on websites, manages secure traffic, and researches international cybercrime outfits. (Read more VeriSign stories.)