Fourteen people have access to fragments of a master key that can shut down or reset the internet. Deep in a highly secure, compartmentalized information facility protected by armed guards and biometric scanners, the group holds a highly scripted ritual periodically to exchange their keys and ensure that the internet is still secure.
No, this is not the plot of the latest high-tech thriller from Christopher Nolan or Steven Spielberg. It’s reality. That group, part of the Internet’s largest governing body ICANN, held the ritual several days ago after one of the largest cyber attacks took down sites like Amazon, Netflix, and others for several hours.
The cyber attack targeted Dyn, a domain name service provider, which is one of the largest companies of its kind to supply this critical web technology. Dyn acts as a translator for websites, converting domain names like realclearlife.com into the string of numbers known as an IP address that computers can more easily understand. The numbers are then cataloged in a digital phonebook of sorts called the domain name system (DNS).
Protecting the DNS is ICANN’s primary responsibility, and it is the most tantalizing target for hackers since it allows them to hide their nefarious activity in plain sight. A hacker with access to the DNS could set up a fake website in place of, say, Citibank’s, and users would never notice they weren’t going to the real thing.
In order to prevent this, the DNS is protected by one master key that is then divided into seven smart cards locked in two high-security safety deposit boxes in El Segundo, California, and Culpepper, Virginia. The smart cards are then scattered around the world in the hands of two groups of seven online security experts or crypto officers, which ICANN calls Trusted Community Representatives (TCRs). These TCRs are selected by ICANN from an open pool of applicants..