Stop everything you’re doing : the apocalypse of the Internet is near, everything will collapse and we will not even watch Top Chef en replay. You will have understood, as it often does with cyber attacks, the announcement effect has exceeded the original message, and the media machine is a bit packed. No, the Internet is not on the verge of collapse, in any case not more than yesterday or last week ! Known vulnerabilities have just been recalled… with a tone deliberately provoking.
it All starts with a release of Icann (the Internet Corporation for Assigned Names and Numbers), that is to say, the non-profit organization that is at the top of the authorities allocation of domain names on the Internet. As a reminder, a domain name is a ” .com ” or ” .en ” you can, for example, of type www.lepoint.fr rather than the address of our server computer consisting of multiple figures imbitables. Domain names are managed by domain name servers at the heart of the Internet system… and cyber attacks of the last days.
A title of the AFP concerned
Released Friday, the text of Icann is first of all an invitation for professionals to migrate their domain name servers (or DNS, directories, Internet) to DNSSEC, a more secure version that has been there for years but is struggling to be adopted. Nothing is more common : “In response to reports of attacks against key elements of the infrastructure, Icann has published a list of safety recommendations for the professionals of the domain names,” explains the press release.
But everything goes wrong when professional information is relayed, on the night of Friday 22 to Saturday 23 February, by Agence France-Presse (AFP) in a dispatch entitled ” the Internet and its domain names under the blow of an attack unprecedented “. The title of course is not the content of the dispatch, more measured. The prestigious agency, who provides his texts to almost all of the global media, evoking in detail the current situation of the network, in fact vulnerable, but without explaining that the attack is not ” in progress “. These flaws have existed for years and they are simply more exploited than usual these last few days.
The government puts in
Taking the dispatch, ” many of the French media, which evoke here a black-out imminent, there a cyber attack of a severity never seen before. Even the secretary of State to Digital, Mounir Mahjoubi, fuels the fear in an interview on CNews Monday morning, explaining that the attackers ” are able to recover your data “.
on the side of The experts, it is lack of understanding. “For us, the biggest surprise, it is on the side of the AFP !” ton Pierre Bonis, director general of Afnic, non-profit association that manages the domains .en-us “. “There are a series of attacks that are known, fairly standard : they are to retrieve the users password, and even registrars (domain names, editor’s NOTE), in order to divert the sites and their traffic, and possibly to collect data in the diverted traffic “, he adds. The man recognizes, however, that “the intensity of the attacks seems to have increased these last days” and that it ” must not minimize the seriousness of this type of attack, which could ruin the trust in the DNS, which would be catastrophic for the Internet “.
Of the known countermeasures
“The more pity it is that the counter-measures are known for years !” says Peter Bonus, which evokes two mechanisms : DNSSEC and Registry Lock. “They are boudées for reasons not of cost, but of complexity : it takes more human intervention “, he adds. “These two technologies are the response to the attacks, we risk seeing more and more frequently,” he says.
“To force the trade-offs of security, at a given time, it takes a little scare,” says Pierre Bonis. “They are not totally wrong : if we continue to say that security measures respond to attacks very rare and very complicated, nobody is going to deploy !” he complained. Finally, a few days before his forum Icann64, which will take place from 9 to 14 march in Kobe, Japan, Icann achieved its goal : to raise awareness.