Home / Blogs

New CEO Stresses ICANN’s Role in Cybersecurity

By Brenden Kuerbis Internet Governance Researcher & Policy Analyst at Georgia Tech

One summer sport in Internet governance is speculating on what direction ICANN’s new CEO will take it in. Making the media rounds yesterday on Fox and Lehrer News Hour to talk about the recent DDoS attacks on US and S. Korea government and commercial websites, new CEO Rod Beckstrom pushed how the response to cyber attacks is a coordinated effort, he also alluded to ICANN’s role in similar attacks. Responding to a question on the News Hour about the USG policy response to dealing with cyber attacks, Beckstrom highlighted the critical role of ISP filtering, and identified the “organic” as well as “somewhat structured” coordination which occurs during a typical response. More interestingly, he plugged ICANN’s facilitating role.

ICANN, as the global Internet corporation that handles the naming and address for every mailbox in the Internet globally, over 200 million, we have relationships with every single country in the world and play somewhat of a diplomatic role when these things occur, particularly if they affect the naming and addressing system, which this one doesn’t yet, but it involves multiple countries.

While there are some technical inaccuracies in his statement (domains are not “mailboxes” and ICANN doesn’t actually have formal relations with every country in the world) producing accurate television sound bites is really tough. But Beckstrom correctly points out the limitations of ICANN’s role in resolving cyber attacks.

So far, ICANN’s role has largely been as a facilitator. E.g., in the ongoing cooperative effort against the Conficker worm, the security community determined preemptive barring of domain transfers and registrations in affected TLD registries as a mitigation tactic. ICANN’s role was largely to communicate this to Top-Level Domain (TLD) operators. It took the agreement of ccTLD operators to put the response in place, because in reality, ICANN has very little authority over the ccTLDs business and operational practices. (with gTLDs it has almost complete contractual governance and can even take away the assignment after a period of time) Because of “national sovereignty” claims most ccTLDs have very limited contracts with ICANN, and there are clear limitations to using ICANN’s authority to enforce stability and security on the Internet.

View the News Hour interview:



And the Fox interview (which dutifully follows the First Law of Cyberwarfare):

By Brenden Kuerbis, Internet Governance Researcher & Policy Analyst at Georgia Tech

Filed Under

Comments

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Domain Names

Sponsored byVerisign

IPv4 Markets

Sponsored byIPv4.Global

Threat Intelligence

Sponsored byWhoisXML API

Brand Protection

Sponsored byCSC

DNS

Sponsored byDNIB.com

Cybersecurity

Sponsored byVerisign

New TLDs

Sponsored byRadix

View All Topics