ICANN chief Rod Beckstrom has come in for a bit of criticism over “inflammatory” comments he made at the Government Advisory Committee meeting on Tuesday.
The headline quote: “The domain name system is more fragile and vulnerable today than it has ever been. It could stop at any given point in time, literally.”
Beckstrom described a DNS on its knees, then pointed the finger at unspecified nations for DNS abuses allegedly happening within their virtual borders, and said he would be writing to GAC members for more information and advice.
It was part call to arms, part Chicken Little.
If you missed it, here’s a full transcript.
The domain name system is under attack today as it has never been before. I have personally consulted with over 20 CEOs of the top registries and the top registrars globally, all of whom are seeing increasing attacks and complexity of attacks and whom are extremely concerned.
The domain name system is more fragile and vulnerable today than it has ever been. It could stop at any given point in time, literally.
It has never stopped. It has been slowed down through attacks and the Kaminsky exploit that was disclosed only 18 months or so ago could have been used to fundamentally cripple the domain name system.
That system is used one trillion times per day and your economies depend upon it. It can stop, or it can materially be damaged and harmed. It is under attack.
Parts of that system are only in your countries. I’m going to be writing you a letter and asking you for what is happening in the domain name system in your countries, because we’re seeing new levels of wildcarding that’s occurring at the telecom service provider level, synthesis of domain name system providers interrupting DNS requests and providing false data and information for commercial or other purposes.
But the system is under full-scale attack and I am extremely concerned as CEO of ICANN, I want to let you know that. We’re all in this together. I have met with the heads of cyber-security or technical infrastructure of three of the largest countries on the Earth who are concerned as well.
I’m sharing this because I’m gravely concerned and we need your help. We’ll be asking your advice on domain name security and on the DNS-CERT and what can be done and particularly to learn the lessons from your CERTs as well. What has been accomplished in your countries? I have experience of CERTs in several countries but we need to learn more.
ICANN has not published an official transcript of the meeting yet. The audio can be found here.