ISPA, South Africa’s official internet Industry Representative Body, calls upon its members to exercise heightened vigilance regarding the security of their AfriNIC (The African Network Information Centre) credentials.
The latter is Africa’s Regional Internet Registry (RIR) and is a member-based, non-profit organisation based in Mauritius.
ISPA’s call follows reports of alleged attempts to access member credentials with a view to potentially influencing AfriNIC’s governance structures.
ISPA’s key concerns are as follows:
- Unauthorised Access Risks: Sharing MyAfriNIC portal credentials can grant third parties the ability to manage one’s IP and ASN resources, including the possibility to cast votes in AFRINIC elections on your behalf.
- Potential for Board Manipulation: Entities obtaining multiple members’ credentials could manipulate voting processes, potentially altering board compositions and policy decisions in ways that may not reflect the true consensus of the AfriNIC community.
ISPA strongly recommends that AfriNIC members safeguard their credentials. Members should ensure that their MyAfriNIC login details remain confidential. In particular, ensure that the username is the NIC-HDL (Network Information Centre handle) of the registered contact, and it is imperative that both username and password are protected.
ISPA also advises that suspicious activity be reported. If members are approached by any entity requesting access to their AfriNIC credentials or proposing the signing of a Power of Attorney, report these incidents immediately to ISPA and AfriNIC.
Before considering any requests to share access or authority over network resources, members are urges to seek advice from trusted legal and technical professionals in order to fully understand potential implications.