Noted by the Oracle/Dyn team at: https://blogs.oracle.com/internetintellige=
July 2018 saw multiple attacks on authoritative DNS infrastructure of both dedicated DNS service providers and of certain high value internally administered DNS services which answer authoritatively for multiple of the major (primarily US based) credit card processing networks.
While the scope of the advertisements was somewhat contained, they still managed to get 30% of peers of some of the BGP listening points at which Dyn has visibility to accept these more specific routes.
In the case of First Data, the specific networks which answer authoritatively for First Data's Datawire network were among the particular (and obviously intentionally) selected targets.
While the Dyn article does not mention this, the casual outsider might recognize First Data as a major player in the credit card payments space, but Datawire and the datawire.net domain (which are First Data services for transmission of payment batch settlement data and secure file exchange for things like the BIN Master File, etc.) are not well known.
This suggests that one or more parties quite familiar with the payment networks and the crucial infrastructure of the payment networks (and so, in turn, would be well familiar with the fact that these mostly rely upon TLS encryption) are attempting to subvert the authoritative DNS for some cause.
I believe it's not a great leap to suggest that they may likely seek certif=
Just thought I'd ping the list for thoughts...