[CPWG] [technical-issues] Cyberspies Hijacked the Internet Domains of Entire Countries

Hadia Abdelsalam Mokhtar EL miniawi Hadia at tra.gov.eg
Sat Apr 20 07:38:00 UTC 2019


Thank you, Olivier, for the links. I did not read it yet, but I agree that this has a direct impact on end users and is certainly on top of their interests.


Kindest Regards

Hadia

________________________________
From: CPWG <cpwg-bounces at icann.org> on behalf of Olivier MJ Crépin-Leblond <ocl at gih.com>
Sent: 20 April 2019 09:25
To: Holly Raiche
Cc: Technical issues; CPWG
Subject: Re: [CPWG] [technical-issues] Cyberspies Hijacked the Internet Domains of Entire Countries

Dear Holly,

I am not saying it shouldn't. Just asking an open question.
BTW as CPWG is now CC'ed to this, Michele Neylon informed us that the Wired article was alarmist and a more accurate coverage of the incident would be the Register article: https://www.theregister.co.uk/2019/04/17/sea_turtle_dns/
Registry lock is probably the feature that should be enabled by default.
Kindest regards,

Olivier

On 20/04/2019 04:24, Holly Raiche wrote:
Hi Olivier

Why isn't this something that ALAC should take up?

Holly

On Apr 20, 2019, at 3:30 AM, Olivier MJ Crépin-Leblond <ocl at gih.com> wrote:

Dear colleagues,

I have just read an article on Wired that speaks of mass-scale cyber attacks on the DNS:
https://www.wired.com/story/sea-turtle-dns-hijacking/

This looks very serious indeed. Furthermore, it appears to be happening on domains that are not DNSSEC enabled/signed. And of course, this is a known vulnerability. But one thing that has somehow shocked me was that one of the ways to avoid this was using a "Registry Lock" which many Registries were unwilling to implement.

Is it time to (a) ask SSAC what this is all about and (b) get the ICANN Board to mandate an essential security implementation before the whole DNS falls apart for lack of trust? Or is this article way too alarmist? My big concern at the moment is that if I was a Government representative, I'd ask "who runs this DNS?" and upon being told it's ICANN, I'd think that ICANN is incompetent in making the DNS safe from attack. As a result -> DNS is a critical resource -> get it run by countries rather than this incompetent organisation. (a lose-lose for all of us)

Kindest regards,

Olivier
_______________________________________________
Technical-issues mailing list
Technical-issues at atlarge-lists.icann.org
https://atlarge-lists.icann.org/mailman/listinfo/technical-issues



