Not hijack but he could disturb it. When US based organizations (afaik 9 out of 12) who run root dns servers change their root-file he could force ISPs in the US to ignore root servers that don’t cooperate. Or Microsoft to update Windows with modified root hints . Or force Google or Cloudflare to do so for their resolvers. Or AWS for their services…
It wouldn’t stop anyone to ignore said changes and it would be discovered pretty fast. But he could censor the internet and users who don’t care or don’t have the knowledge. Or if you rely on a service who didn’t react (gmail anyone?)
Even DNSSec wouldn’t help as he would control the start of the chain of trust.
There are a lot of infrastructure and involved companies based in the US. I don’t say it’s hopeless but don’t underestimate the chaos he could evoke.
Not hijack but he could disturb it. When US based organizations (afaik 9 out of 12) who run root dns servers change their root-file he could force ISPs in the US to ignore root servers that don’t cooperate. Or Microsoft to update Windows with modified root hints . Or force Google or Cloudflare to do so for their resolvers. Or AWS for their services…
It wouldn’t stop anyone to ignore said changes and it would be discovered pretty fast. But he could censor the internet and users who don’t care or don’t have the knowledge. Or if you rely on a service who didn’t react (gmail anyone?)
Even DNSSec wouldn’t help as he would control the start of the chain of trust.
There are a lot of infrastructure and involved companies based in the US. I don’t say it’s hopeless but don’t underestimate the chaos he could evoke.