ADVERTISEMENT
This article is from the In-Depth Report Forecasting the Future of Cloud Computing

How Was Egypt's Internet Access Shut Off?

Preliminary investigations indicate that most of the country's ISPs cut Internet access within a 20-minute period, likely at the government's behest
Egypt, politics, Internet



COURTESY OF WIKIPEDIA

Egyptians earlier this week took to the Web—Facebook and Twitter, in particular—as a means of organizing their protests against Egyptian President Hosni Mubarak's three-decade-old government. As of Friday morning, however, there no longer was much of a Web to take to—at least not in Egypt. In an unprecedented turn of events, at 12:34 A.M. local time in Cairo five of the country's major Internet service providers (ISPs) shut down their connections to the Internet.

Speculation is rampant as to what happened, but the most credible reports point to a government-ordered shutdown of nearly all Internet access within Egypt with about 93 percent of Egyptian networks out of service. One of the only connections to the Internet that has not been blocked belongs Noor Data Network, the ISP used by the Egyptian (stock) Exchange.

The shutdown does not appear to be a spontaneous event, given that the Telecom Egypt, Raya, Link Egypt, Etisalat Misr and Internet Egypt ISPs each shut down its part of Egypt's Internet in sequence an average of about three minutes apart, according to Manchester, N.H.-based network security firm Renesys Corp. This sequencing indicates that each of the ISPs may have received a phone call telling them to drop Internet access to their subscribers, as opposed to an automated system that kicked in to take down all of the providers at once, Jim Cowie, Renesys chief technology officer and co-founder, blogged on Friday.

If this analysis is correct, it indicates a level of governmental Internet control unseen to this point, not even in China, Iran and Tunisia, which have been accused of manipulating Internet access to quell government opposition. Scientific American spoke with Cowie, whose company monitors global Internet infrastructure, to better understand how it works under both normal and, in this instance, abnormal conditions.

[An edited transcript of the interview follows.]

What exactly happened in Egypt, and how did it come to your attention?
This is certainly one of the strangest abnormal conditions that we've witnessed in a long time. We study what is known as the global routing table, essentially all of the address prefixes that make up the Internet. ISPs keep this information in their routers. When they need to send traffic to a place, they look up the address to figure out where to send it. We gather those tables from hundreds of providers, and we watch them in real time to figure out what's going on. On January 27, we observed hundreds of providers all over the world suddenly telling us that most of the network addresses in Egypt no longer existed. It's not that their paths were changing a little bit to get better value out of their connection or engineering around a little cable break or something. It was really a matter of just disappearing. And it was just Egypt—you didn't see networks in the Gulf, India or China go down, as you might if a submerged cable in that region had been damaged.

Does this shutdown of Internet access into and out of Egypt resemble attempts by countries such as China, Iran or Tunisia to control the flow of online traffic?
No, it's a completely different class of problem. Typically what happens in countries like Tunisia or Iran or China is people exert very surgical control over information, they will block particular domain names, or they'll block particular Web sites or particular small networks that host content that they don't like. When Iran had its problems after its elections, they slowed down their Internet so they could use it more effectively to control protestors but they didn't take it down. Normally, when someone has a problem on the Internet, it's a single provider, a single organization, that gets in trouble or loses a piece of equipment or runs out of power for their generator after a blackout or something. In this case, within the space of about 20 minutes, all of the largest service providers in Egypt mysteriously and with no apparent coordination all left the Internet. It's a completely different signature.

How could something like Egypt's current situation have happened?
Clearly there was some behind-the-scenes coordination. The most plausible scenario that I could think of is that somebody from the government calls up all their license-holders—all of these regulated ISPs, telecommunications companies, mobile service providers—and just has a conversation with them that says, "Turn it off." The managers of those companies go to their engineers, point to their Internet routers and relay the message, "Turn it off." The engineers log into those routers, make one or two lines of configuration change and hit "return" on the keyboard. Thirty seconds later, it's done.

Although there is no single switch that shuts down the Internet as a whole, does the incident in Egypt indicate that the Net can be turned off in small segments?
Think of the Internet infrastructure within any particular country as being an ecosystem. There are a bunch of coordinating organizations—legal, financial, contractual—that work together within this ecosystem. If you look at a complex system such as those in the United States or Canada, you might ask, "How many phone calls would I have to make to shut it down?" It probably wouldn't be possible. Most of the people you would call operate independent of the government and wouldn't even listen to you. In a place like Egypt there's a lot less diversity in that ecosystem. There were just a few key providers, they're all licensed by the government. They have to do what the government says, and they have to operate within the law of the local telecommunications regulatory framework. And so in this case they did what they were asked to.

So the sheer size of the U.S.'s infrastructure works to the Internet's advantage, and a shutdown such as the one in Egypt could not happen here?
I'll speculate. There is no standing legal authority to be exercised and no kill switch. Probably, the government would make a request, and an ISP would say, "That's interesting," and send it to legal. Legal would send it upstairs, there would be consultation, there would be calls back and forth, there would be injunctions levied, there would be lawsuits, and the ISP wouldn't get shut down. This process would take a long time.

If the laws were changed so that there were a clear-cut legal authority and a plan to control the Internet, then anything is possible. But I certainly don't think that the industry in most countries on Earth would stand to have that kind of power dangled over their heads. It would do incredible violence to the companies economically, and it would do even greater economic violence to the country.

The network that handles the stock exchange in Egypt was not affected. What does that mean?
My team is studying exceptions to the Internet blockage; there are a few. We're trying to figure out what they have in common. This was the obvious pattern—the Noor Group did come out basically unscathed. One speculation is that they got the phone call from the government, and they chose not to listen. Another speculation says that they didn't receive the phone call, because there was an agreement to let them stay online because they host the stock exchange, among other things. There's no way to know at this time really.

What else are you and your team keeping an eye on as you monitor the situation?
We're watching very closely to find out what will happen when, in effect, the whole country has to be rebooted, something that has never happened at this scale before. We'll see whether the relationships and networking routes that existed before the problem are resumed afterward or there are structural changes. I suspect they could bring it back up pretty much the way it was when it went down. Existing contractual relations—who pays whom and how much—are all pretty much in place. One significant change could be that companies operating on the Web start looking for ways to diversify how they access the Web. This could mean creating relationships with international carriers and even purchasing additional satellite Internet bandwidth, figuring that they should have one service provider that is not immediately under government control.

Rights & Permissions
Share this Article:

Comments

You must sign in or register as a ScientificAmerican.com member to submit a comment.
Scientific American Dinosaurs

Get the
latest special collector's edition, Dinosaurs!

Limited Time Offer!

Purchase Now >

X

Email this Article

X