Each year, 14 elite people use secret keys in a ceremony that controls the very fiber of the worldwide internet. ICAAN ( The Internet Corporation for Assigned Names and Numbers ) is an organization that handles the secret databases that control all routing of named website traffic. Deep in places like an anonymous compound in southwest Los Angeles, or a large campus in Culpepper Virgina, these 14 people meet four times every year under the strictest security to unlock the very keys to the internet.
At the heart of this ritual is the generation of secret cryptography “keys,” otherwise known as Root Keys. These Keys are complicated bits of code that are generated with powerful software that is virtually “un-crackable.” The rituals tightly follow the specifications set out in the SAS 70 auditing standard. The purpose of these rules is to ensure that the process follows strict protocols that ensure security. The process itself is like a scene from a spy movie replete with retinal scans for the participants and safes equipped with seismic sensors.
Why is this ritual so important? And what does it mean for the rest of us? In one sense the ICANN databases are like a live rosetta stone that directs all the top level website traffic. If someone could manage to break into the database they could wreak havoc by maliciously re-directing websites. With as much reliance as we have on the modern web this could throw the world into chaos and cause untold financial damage worldwide.
In fact, ICAAN was recently hacked using a spear-fishing exploit. The attackers used social engineering by sending spoofed emails to collect passwords that gave them access to the internal workings of the organization. ICANN sent an email that warned that “the attacker obtained administrative access to all files in the CZDS, including copies of the zone files in the system. The information you provided as a CZDS user might have been downloaded by the attacker. This may have included your name, postal address, email address, fax and telephone numbers, and your username and password.” With this exploit the hackers gained access to crucial elements of the ICANN system such as the Centralized Zone Data System, the wiki pages of the Governmental Advisory Committee (GAC), the domain registration Whois portal, and the organization’s blog. While this attack did not compromise the core of the system, it did prove that the system can be vulnerable and that malevolent forces are constantly scheming to penetrate and wrestle control from the guardians.
In 2012 the organization suffered a critical failure when it’s application system for new top-level domains caused it to shut down it’s entire program for months. ICAAN vaguely dismissed the issue as only a “glitch,” which has caused some concern over whether the system and the organization is capable of transparency or can be trusted at all with this responsibility.
In the wake of recent high profile hacking exploits such as the Sony breach, the commerce department and Homeland Security have taken a deeper interest in the process. This has raised the hackles of many international players like Russia and Brazil because of the recent revelations of rampant NSA spying. The European commission along with others has called for more international control of the process even suggesting that control be handed over to the United Nations.
And so the debate rages on. Is the health and viability of this crucial task safe in the hands of this organization? Does the United States have undue control over the process? Will a James Bond villain
scenario bring the online world crashing to it’s knees? Is the internet secretly being controlled by a shadow cabal of international globalist? For now, the fate of the world wide web rests in the hands of these 14 select key holders and the faith of the world in their capability to keep the internet secure and open.
KSK Key Signing Ceremony