Behind (and beyond) Egypt's Internet shutdown

The Egyptian government's near-complete elimination of domestic Internet access is unprecedented and shocking. How did it happen? And could something similar happen in America?
Written by John Herrman, Contributor

Mere hours after protests in Cairo began, observers were eager to brand the fledgling movement a "Twitter Revolution." This, along with similar labeling of recent unrest in Tunisia, is a stretch; the factors leading up to this explosive day in Egyptian history are complex and can be traced back to a time well before the ideas for Twitter and Facebook had graced their respective drawing boards.

But just because social networking didn't spur the unrest doesn't mean it wasn't a powerful catalyst. Text and images from inside Egypt have been flooding out of Egypt for the last 72 hours, providing an unfiltered look at what protesters have been up to, and how their government has responded.

Well, they had been. Late yesterday, the Egyptian government shut off Internet access within the country's borders. Not just Twitter, or Facebook, or access to foreign websites, but the whole thing. In the space of a few hours, Egypt went from a pulsing digital epicenter to an absolute Internet black space. Pinging a site like Yahoo through Egyptian servers results in this:

In other words, people in Egypt can't connect to any websites, and people outside of Egypt can't connect to (almost) anything hosted inside the country. Millions of Internet users just blinked out of existence, basically.

But how can a country just shut down a complex infrastructure like this? The answer is decidedly non-technological, according to Internet security firm Renesys. The Egyptian government, in panic, simply ordered the country's Internet service providers to stop operations. This is akin to the President commanding Comcast, Time Warner, AT&T, Verizon and Earthlink to stop providing Internet access to their customers--and each complying, almost immediately. Here's how quickly the networks went down by Renesys' observation (the y axis represents the number of networks available through each ISP):

As the company's CTO, James Cowie, explains on Renesys' blog, "this sequencing looks like people getting phone calls, one at a time, telling them to take themselves off the air. Not an automated system that takes all providers down at once; instead, the incumbent leads and other providers follow meekly one by one until Egypt is silenced." Rather than take direct control over Egypt's network infrastructure, the Egyptian government just took control of the people and companies that preside over it.

What the ISPs did, actually, is shut off the thousands of Border Gateway Protocol routes used to send traffic in and out of the country. These aren't intended specifically as shut-off points, and are a vital part of any large network infrastructure. They are, however, natural choke points. All the ISPs needed to do to stop traffic was shut down some routing hardware. (For a more technical explanation of the shutdown, read the full Renesys post here.)

One would think that enacting an Internet shutdown in the US would be much more difficult than "telling [ISPs] to take themselves off the air." Such a request would likely be met with resistance from ISPs, result in a public relations nightmare for the government, and presumably end up in court. At the very least, a 20-minute, ISP-by-ISP shutdown is hard to conceive of here.

But it's not impossible. Supporters of the Lieberman-Collins Bill, which is intended to delineate powers that the Executive has over telecommunications systems--and in particular, ISPs--in emergency situations, point to the Communications Act of 1934(PDF), which they claim already gives the President the ability to take control of, and conceivably shut down, any part of the US network infrastructure. The relevant excerpt:

During the continuance of a war in which the United States is engaged,the President is authorized, if he finds it necessary for the national defense and security, to direct that such communications as in his judgment may be essential to the national defense and security shall have preference or priority with any carrier subject to this Act. He may give these directions at and for such times as he may determine, and may modify, change, suspend, or annul them and for any such purpose he is hereby authorized to issue orders directly, or through such person or persons as he designates for the purpose, or through the Commission.

As a piece of legislation first written in the 30's and last amended in 1996, it could probably use an Internet-centric update. However, the Lieberman-Collins bill, which the Senate is expected to act on this year, does little to blunt these powers, instead reinforcing the ability of the federal government to take control of designated "vital" Internet or computer systems in emergencies, without judicial review.

The bill doesn't explicitly mention a "kill switch," and provides (or rather, clarifies the powers of) the tools the Executive has to take control of various parts of America's network infrastructure. The Senate Committee on Homeland Security and Government Affairs' even issued a press release claiming that the bill would "make it far less likely for a President to use the broad authority he already has in current law to take over communications networks," by "providing a precise, targeted, and focused way for the President to defend our most sensitive infrastructure."

While the powers described in the bill might focus the government's efforts in a cyber-emergency, possibly preventing a large-scale shutdown like the one in Egypt, they certainly don't preclude one.

This post was originally published on Smartplanet.com

Editorial standards