IGF 2019 WS #135 Attacks against to Public Core. Can the Internet survive?

Organizer 1: Wolfgang Kleinwaechter, European Summer School on Internet Governance
Organizer 2: Alexander Klimburg, The Hague Centre for Security Studies
Organizer 3: Joerg Schweiger, Denic
Organizer 4: Grabensee Philipp , Afilias

Speaker 1: Olaf Kolkman, Technical Community, Western European and Others Group (WEOG)
Speaker 2: Andrei Kolesnikov, Technical Community, Eastern European Group
Speaker 3: Marina Kaljurand, Civil Society, Eastern European Group
Speaker 4: Anriette Esterhuysen, Civil Society, African Group
Speaker 5: Ram Mohan, Technical Community, Asia-Pacific Group

Policy Question(s): 

1. What are the new threats for the basic technical functioning of the core of the Internet (Servers, DNS, IP Adresses, Protocols, Codes, Cables, Satellites)?
2. How the international Community should react to a new generation of attacks against the public core of the Internet?
3. What are the special responsibilities of governments, private sector, technical community and civil society (cyberhygiene)?

Relevance to Theme: The theme is of growing relevance against the background of new forms of attacks against the root and name server system (DNSHijacking/DNSpionage/Netnow/IRA). There are also new threats for the functioning of the core of the Internet by unintended side effects of national legislation (data localisation, cybersovereignty, national segments etc.) and new technological innovations (DOH, DOA, Blockchain)

Relevance to Internet Governance: The management of critical Intenet resources as root and name server, the DNS and IP Adress System etc. are a key aspect of Internet Governance.


Round Table - U-shape - 90 Min

Description: Proposal

Attacks against the Public Core: Can the Internet survive?

The stability of the Internet is based on the functioning of the key elements of the Internet architecture – the root- and name-server system, the Domain Name System (DNS), the IP-Address system, Internet protocols, codes, cables and satellites. Those technical elements constitute the public core of the Internet and enable the communication among the millions of connected networks and billions of connected computers with all the applications and services which run over the DNS.

The root server system, DNS, IP addresses, Internet protocols and other elements of the technical core of the Internet are managed in a neutral way by the global Internet community itself, coordinated by ICANN, RIRs, RSSAC, IETF, W3C and other non-governmental entities.

Criminal attacks against the DNS are not new, however, in recent years, attacks became more sophisticated and aggressive, as the DNS Hijacking case (DNSpionage) against Netnod in January 2019 has demonstrated.

Another new threat for the public core of the Internet emerges from a more politically motivated process. More and more governments introduce security measures to protect their so-called “national Internet segment“ to strengthen their „cybersovereignty“. Such legislation can have unintended side effects which have the potential to undermine the neutral functionality of the global server system when local operators are pushed into a situation that their global commitments – as the principles of neutrality and impartiality for root server operators – conflict with national legislation.

There can be also unintended side effects for the functioning of the public core of the Internet by the development of new innovative technologies as DOH, DOA, Blockchain and others.

Furthermore, we have seen a new type of offensive cyberattacks in intergovernmental conflicts. The New York Times reported in January 2019 about an attack against servers of the Russian troll factory, the Internet Research Agency, in St. Petersburg to block a potential interference into the US Congressional elections in November 2018.

Such new threats for the global functioning of the technical core of the Internet have the potential to undermine the stability in cyberspace with far reaching political and economic consequences. To reduce such a threat the Global Commission on Stability in Cyberspace (GCSC) has proposed the adoption of an international norm to protect the public core of the Internet. The proposed norm reads as follows: “Without prejudice to their rights and obligations, state and non-state actors should not conduct or knowingly allow activity that intentionally and substantially damages the general availability or integrity of the public core of the Internet, and therefore the stability of cyberspace.”

The language of this proposed norm, although still under discussion, has been meanwhile included in various political documents as into resolutions of the European Parliament, into the EU Cybersecurity Directive and into the Paris Call for Trust and Security in Cyberspace, initiated by the French government in November 2018.

During the recent ICANN64 meeting in Kobe (March 2019), the GCSC had a series of consultations with ICANN constituencies, including the Security and Stability Advisory Committee (SSAC) and the Root Server System Advisory Committee (RSSAC) about the implementation of the norm by proposing an enhanced cyberhygiene in the DNS, and in particular by server operators and service providers.

The proposed IGF workshop will look deeper into the issue by specifying the threats and potential sagefuards against this new generation of attacks. The workshop will also discuss how the implementation of „good practice“ and an enhanced cyberhygiene can contribute to the protection of the public core of the Internet to stabilize cyberspace and what roles and responsibilities emerge from those new threats for governments, the private sector, civil society and the technical community.

DENIC, Afilias, Global Commission on Stability in Cyberspace,

Session Organizers:
Wolfgang Kleinwächter, GCSC, Jörg Schweiger, DENIC, Philipp Grabensee, Afilias

Olof Kolkman, ISOC
Ram Mohan, Afilias
Marina Kaljurand, Global Commisison on Stability in Cyberspace, MP, Estonia
Anriette Esterhuysen, APC, South Africa
Andrej Kolesnikow, SSAC/ICANN

Additional Resource Persons:
Abdul-Hakeem Ajijola, CSS, Nigeria
Marjette Schaake, Member of the European Parliament, The Netherlands
Virgillio Almeida, former ICT Minister, Brazil
Chris Painter, former Cybersecurity Coordinator, US Department of State
Frederick Douzet, Sorbonne University Paris, France

Wolfgang Kleinwächter, GCSC (Offline) / Alexander Klimburg, The Hague Center for Straegic Studies (Online)

Peter Koch, DENIC, ISOC Germany

Expected Outcomes: Further specification of the Norm to Protect the Public Core of the Internet, as proposed by the GCSC, and to develop it into a proposal for the forthcoming UN negotiations under the GGE/OEWG.

Onsite Moderator: 

Wolfgang Kleinwaechter, Civil Society, Western European and Others Group (WEOG)

Online Moderator: 

Alexander Klimburg, Civil Society, Western European and Others Group (WEOG)


Peter Koch, Technical Community, Western European and Others Group (WEOG)

Discussion Facilitation: 

There will be very brief statement by the speakers to allow an interactive discussion among the speakers and and early engagement of the broader public, offline and online.

Online Participation: 

We will publish a background paper in mid-November to enable participants to prepare for the workshop


GOAL 16: Peace, Justice and Strong Institutions