ICANN boss: DNS could fail at any time

The Internet's critical domain name system is under constant attack and could buckle at any time, according to ICANN president Rod Beckstrom.

His remarks, made at a meeting between ICANN's board of directors and representatives of international governments in Nairobi this week, have already attracted criticism.

“The domain name system is more fragile and vulnerable today than it has ever been,” Beckstrom said. “It could stop at any given point in time, literally.”

“That system is used one trillion times per day and your economies depend upon it. It can stop, or it can materially be damaged and harmed,” he told ICANN's Governmental Advisory Committee, made up of key civil servants from around the world.

Before joining ICANN, Beckstrom was the director of the US National Cyber Security Center, part of the Department of Homeland Security.

He pointed to the so-called Kaminsky exploit, named after DNS uber-geek Dan Kaminsky, which put the Internet on alert of wide-scale disruption in July 2008. It "could have been used to fundamentally cripple the domain name system," he said.

Without naming names, Beckstrom went on to say that some DNS providers, such as ISPs, in some countries are engaging in destabilising activities, such as “wildcarding” and abusing DNS to send users to incorrect sites for commercial gain.

His comments were apparently intended as a call-to-action to ICANN's notoriously slow-footed Governmental Advisory Committee, but they quickly attracted criticism from managers of country-code domains, led by .uk manager Nominet.

Nominet chief executive Lesley Cowley noted in a later public session that "inflammatory statements on domain name security" have not been "particularly helpful".

"Trust in the Internet and in our respective country code domains is pretty important for both Nominet and for other country code managers," she said. "We're very committed to making the Internet a safe place, or as safe as it can be for end users."

Nominet recently cooperated in a Metropolitan Police operation aimed at taking down hundreds of .uk domain names that were being used in a huge counterfeit goods operation, Cowley said.