Egyptians earlier this week took to the Web—Facebook and Twitter, in particular—as a means of organizing their protests against Egyptian President Hosni Mubarak's three-decade-old government. As of Friday morning, however, there no longer was much of a Web to take to—at least not in Egypt. In an unprecedented turn of events, at 12:34 A.M. local time in Cairo five of the country's major Internet service providers (ISPs) shut down their connections to the Internet.
Speculation is rampant as to what happened, but the most credible reports point to a government-ordered shutdown of nearly all Internet access within Egypt with about 93 percent of Egyptian networks out of service. One of the only connections to the Internet that has not been blocked belongs Noor Data Network, the ISP used by the Egyptian (stock) Exchange.
The shutdown does not appear to be a spontaneous event, given that the Telecom Egypt, Raya, Link Egypt, Etisalat Misr and Internet Egypt ISPs each shut down its part of Egypt's Internet in sequence an average of about three minutes apart, according to Manchester, N.H.-based network security firm Renesys Corp. This sequencing indicates that each of the ISPs may have received a phone call telling them to drop Internet access to their subscribers, as opposed to an automated system that kicked in to take down all of the providers at once, Jim Cowie, Renesys chief technology officer and co-founder, blogged on Friday.
If this analysis is correct, it indicates a level of governmental Internet control unseen to this point, not even in China, Iran and Tunisia, which have been accused of manipulating Internet access to quell government opposition. Scientific American spoke with Cowie, whose company monitors global Internet infrastructure, to better understand how it works under both normal and, in this instance, abnormal conditions.
[An edited transcript of the interview follows.]
What exactly happened in Egypt, and how did it come to your attention?
This is certainly one of the strangest abnormal conditions that we've witnessed in a long time. We study what is known as the global routing table, essentially all of the address prefixes that make up the Internet. ISPs keep this information in their routers. When they need to send traffic to a place, they look up the address to figure out where to send it. We gather those tables from hundreds of providers, and we watch them in real time to figure out what's going on. On January 27, we observed hundreds of providers all over the world suddenly telling us that most of the network addresses in Egypt no longer existed. It's not that their paths were changing a little bit to get better value out of their connection or engineering around a little cable break or something. It was really a matter of just disappearing. And it was just Egypt—you didn't see networks in the Gulf, India or China go down, as you might if a submerged cable in that region had been damaged.
Does this shutdown of Internet access into and out of Egypt resemble attempts by countries such as China, Iran or Tunisia to control the flow of online traffic?
No, it's a completely different class of problem. Typically what happens in countries like Tunisia or Iran or China is people exert very surgical control over information, they will block particular domain names, or they'll block particular Web sites or particular small networks that host content that they don't like. When Iran had its problems after its elections, they slowed down their Internet so they could use it more effectively to control protestors but they didn't take it down. Normally, when someone has a problem on the Internet, it's a single provider, a single organization, that gets in trouble or loses a piece of equipment or runs out of power for their generator after a blackout or something. In this case, within the space of about 20 minutes, all of the largest service providers in Egypt mysteriously and with no apparent coordination all left the Internet. It's a completely different signature.
How could something like Egypt's current situation have happened?
Clearly there was some behind-the-scenes coordination. The most plausible scenario that I could think of is that somebody from the government calls up all their license-holders—all of these regulated ISPs, telecommunications companies, mobile service providers—and just has a conversation with them that says, "Turn it off." The managers of those companies go to their engineers, point to their Internet routers and relay the message, "Turn it off." The engineers log into those routers, make one or two lines of configuration change and hit "return" on the keyboard. Thirty seconds later, it's done.