The sheriffs of the wild web

On a Thursday evening in December a remarkable attack by a shadowy group of hackers briefly paralysed Twitter. For two hours anyone who typed www. twitter.com into their internet explorer's address bar was re-routed to a simple black screen showing a green flag and the words: "This site has been hacked by the Iranian Cyber Army."

Beneath the flag was a line of Persian poetry which read: "We shall strike if the leader orders, we shall lose our heads if the leader wishes."

The attack caused ripples of excitement within the online community but it was largely thought to be a one off. Yet a month later the same group launched an equally bold assault on Baidu, China most popular search engine. For more than four hours a website with handles 60 per cent of the world's most-populous nation's web searches was completely inaccessible.

Both instances employed a specific type of hack known as a "DNS attack" and together they provoked an avalanche of discussion among cyber security experts.

DNS stands for Domain Name System and in many ways it is the beating heart of the internet. Computers are only able to read numbers, which means that every website address is given an individual numerical code (known as an IP address) which is stored on two vast servers at opposing ends of the United States.

When we type in a web address, the DNS acts like an enormous digital phone book, matching up website names to the correct numbers and ensuring that we actually reach the website we want to get to rather than an impostor site. Without it, trust in the internet – the most important concept in cyber security – would be broken. A world without DNS would create online anarchy because we would never know whether the website we were visiting – be it a bank account, Facebook, our email or a government site – was real or a fake.

The Iranian Cyber Army's attacks were significant because they had successfully broke into the DNS system and rerouted traffic away from Twitter and Baidu.

The assaults only targeted two websites and the damage was quickly rectified. But it begged a series of frightening hypotheticals: what if cyber criminals were able to take control of DNS? What if they took the whole system offline?

For a number of years such a prospect had been causing sleepless nights at the Internet Corporation for Assigned Names and Numbers (Icann), the non-profit independent body which effectively regulates internet addresses. A significant attack on the DNS system could cripple the internet, sending the world back to a pre-digital dark age. In the words of Bryon Holland, CEO of the Canadian Internet Registration Authority: "If DNS were to stop working, it would render the Internet effectively non-responsive."

Icann realised that if the DNS system was ever brought down, someone would have to be given the job of bringing the world back online. You couldn't entrust that responsibility to a single group of experts based in one facility because the internet was supposed to be a truly global entity, universally accessible and outside the reach of a single sovereign state. It would also be much easier to steal the tools needed to rebuild the internet if they were all hanging up in the same shed.

So last month, in an announcement that could have come straight out of a Dan Brown novel, Icann announced that the internet would be protected by seven "guardians" on three different continents whose job would be to reboot the internet if the DNS system was ever critically impaired.

drive from www.independent.co.uk