Route 53 is Amazon's elegant DNS web service. DNS is the part of the Internet that converts domain names, like apple.com, into IP addresses such as 18.104.22.168. This is how humans contact computers on the Internet. While DNS is robust, resilient, and redundant, it is the Internet's single point of failure.
So, here's my theory. Websites, like adweek.com, use Route 53:
dig adweek.com ns
adweek.com. 172800 IN NS ns-304.awsdns-38.com.
adweek.com. 172800 IN NS ns-532.awsdns-02.net.
adweek.com. 172800 IN NS ns-1322.awsdns-37.org.
adweek.com. 172800 IN NS ns-1571.awsdns-04.co.uk.
Now here's the hijacking part. What if I go to my own Route 53 account, create an entry for adweek.com, and start adding records? When I did this, Route 53 assigned the following four NS servers to me:
There should be no hijacking problem since Route 53 assigned four NS servers to me that are different than adweek.com's NS servers. In other words, I cannot hijack adweek.com's Internet traffic in this case. But what if Route 53 had assigned to me an NS server that was the same as adweek.com's NS server? Then, I'm speculating, I could redirect at least a small portion of adweek.com's traffic to wherever I wanted to.
Perhaps this isn't an issue because Route 53 ensures that it never duplicates NS servers names. That would be an expensive proposition, but certainly doable. From there, if my theory holds true, then what about simpler DNS hosts, such as GoDaddy whose DNS servers seem to be limited to nsXX.domaincontrol.com, where XX appears to be a double digit number? This means that many different domain names are using the same DNS server names. Would that make it possible to hijack some traffic from websites sharing the same DNS server? I'm sure that DNS implementations are robust enough that this isn't an issue, otherwise it would have occurred by now. But, with my understanding of the DNS RFC, I don't know how this hijacking issue has been avoided.
So, how has this DNS hijacking scenario been prevented? I'd love to know.