The report indicates that the internet withstood the attack because of the Anycast shield technology implemented after the last attack of a significant size in 2002.
The 13 core DNS servers of the internet were hit with a significant distributed denial of service attack in early February originating from the Asia-Pacific region.
Six of the 13 root servers that form the foundation of the internet were affected. The two worst affected did not have Anycast installed, Icann said, highlighting the effectiveness of the load balancing technology.
"Even though it was a large attack, the new technology, combined with the speed, skills and experience learned by root server operators over the years, helped to make sure that actual internet users were not inconvenienced," Icann said.
Anycast allows a number of servers in different places to act as if they are in the same location.
While there are 13 locations on the network for root servers, the reality on the ground is that not only are there often dozens at one spot but dozens of servers in other locations that can also deal with requests.
In the case of the F-root, for example, there are no fewer than 42 different locations supporting the root server.
Following the start of the attack in February, engineers soon discovered that all the attack packets were larger than 512-bytes and were able simply to block any packets larger than this size.
With the Anycast technology apparently proven, it is likely that the remaining D, E, G, H and L roots will move over soon, Icann said.
Interestingly, while the motive for the attack remains largely unknown, Icann suggested that it could have been an advertisement for a particular botnet, demonstrating how much power it had at its disposal.
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
iTnews State of Security Breakfast
iTnews State of Data & AI Breakfast
Forrester's AI Forum Sydney
The 2026 iAwards
Security Exhibition & Conference
_(1).jpg&h=140&w=231&c=1&s=0)
