ICANN name servers come under attack
ICANN’s primary name servers came under a distributed denial of service attack, the Org said earlier this week.
The incident appears to have gone largely unnoticed outside of ICANN and seems to have been successfully mitigated before causing any significant damage.
ICANN said on its web site:
ICANN was subjected to a Distributed Denial of Service (DDoS) attack targeting NS.ICANN.ORG. This event did not result in harm to the organization. It was mitigated by redirecting traffic flows through a DDoS scrubbing service.
ns.icann.org is the address of ICANN’s name servers, which handle queries to ICANN-owned domains such as icann.org and iana.org.
The servers are also authoritative for Ugandan ccTLD .ug for some reason, and until a few years ago also handled the .int special-purpose TLD and sponsored gTLD .museum.
ICANN did not disclosed the exact date of the attack, nor speculate about whether it was targeted and why it might have happened.
If you find this post or this blog useful or interestjng, please support Domain Incite, the independent source of news, analysis and opinion for the domain name industry and ICANN community.
On the day Biden was inaugurated, something happened with the entire inventory of dormant DOD IP addresses. 1/25th of all the IPs in existence went active, and no one that I know knows who or why. It appears it was not the DOD, but either they contracted it, or something worse.
Dun-dun-DUUUUN!
ns.icann.org is not the address of anything; it’s a name.
ns.icann.org is not “ICANN’s name servers” but one of several nameservers that answer authoritatively for ICANN.ORG and IANA.ORG.
NS.ICANN.ORG has answered authoritatively for many ccTLDs in the past. ICANN is one of several organisations who have a long history of providing free DNS service to support ccTLDs in developing regions.
As to the apparently unrelated commentary about BGP announcements relating to US department of defense assignments, US DoD/DDS made statements about what they are doing a week or two ago. Other network telescopes have been in operation for over a decade. This isn’t actually all that mysterious.