With the threat of today's protests looming in Egypt, on Thursday Egyptian authorities cut the nation off the internet. No online communication could pass in or out of the country. We investigated whether a similar lockdown could happen in America.
Photo via asharkyu/Shutterstock
How the Egyptian government erased its citizens from the internet
No one is completely certain what happened to the Egyptian internet, but it appears that the shutdown started off early in the week with the country blocking Twitter and Facebook access for those within its borders. Then, shortly after Thursday midnight local time, the country simply disappeared from the internet. With a few exceptions like the stock exchange, Egyptian websites and services were unreachable; the network traffic over Egyptian borders dropped by an astonishing 90 percent. Cell phone networks were also down. Today Vodafone confirmed that all mobile providers been "obliged" by the Egyptian government to shut off service to customers in that country.
How did it happen? Most likely, according to experts, the Egyptian authorities made a few phone calls to the country's handful of large internet service providers. Their request would have been simple: Make it impossible for Egyptians to communicate with other countries and each other using the internet. But carrying out this order isn't like hitting an off switch.
To erase Egypt, those providers would have to corrupt routers, nodes in the internet which direct data traffic. Each router helps traffic along by advertising the many IP addresses it knows using a system called border gateway protocol (BGP). When you visit a website in Egypt, your internet provider uses BGP to ask an Egyptian router, "Hey, how do I get to this Egyptian blog?" The router responds by using BGP to send you on your merry way to the right address. BGP is basically the border language that helps different parts of the internet speak to each other.
But early Friday morning, thousands of routers in Egypt had their minds wiped. Suddenly they had no idea where anything was on the Egyptian internet. When your internet provider looked for web addresses inside Egypt, it found nothing. Egyptian routers no longer gave meaningful answers to BGP requests for border crossings.
James Cowie of network analysis firm Renesys observed the Egyptian shutdown as it happened. He wrote yesterday in a blog post:
Renesys observed the virtually simultaneous withdrawal of all routes to Egyptian networks in the Internet's global routing table. Approximately 3,500 individual BGP routes were withdrawn, leaving no valid paths by which the rest of the world could continue to exchange Internet traffic with Egypt's service providers. Virtually all of Egypt's Internet addresses are now unreachable, worldwide.
This is a completely different situation from the modest Internet manipulation that took place in Tunisia, where specific routes were blocked, or Iran, where the Internet stayed up in a rate-limited form designed to make Internet connectivity painfully slow. The Egyptian government's actions tonight have essentially wiped their country from the global map.
Could the same thing happen in America?
Egypt's internet infrastructure is quite sophisticated, and it's one of the most highly networked countries in its immediate region. Still, it was relatively easy to take the country off the net because it had a limited number of network providers. In addition, the Egyptian government has broad powers over its communication, which is why a company like Vodafone has to cut off its millions of Egyptian customers when the government comes knocking.
Despite these differences, it's very possible that Egypt's swift shutdown of its country's internet could provide a model for American governments of the future.
Alex Stamos, a computer security expert with iSEC Partners, said he'd spoken recently with U.S. officials about this possibility in the event of an internet-based attack on America. (Full disclosure: iSEC Partners has done work for io9's parent company, Gawker Media.) Stamos thinks the U.S. probably wouldn't take the country off the internet, but instead try to prevent Americans from reaching "enemy" countries or regions online. He said via e-mail:
I wouldn't be shocked if the US didn't have a gameplan to make China, Russia, North Korea and/or Iran go away in case of WWIII. The first step would be to have major US networks (UUNET, Level3, Sprint, AT&T, Verizon, Comcast, Google, BT) advertise these countries' IP ranges and "null route" the resulting packets, meaning throw them away.
He said that shutting down the internet within U.S. borders would be "almost impossible," but:
The government certainly could force AT&T, Verizon, Sprint, and T-Mobile to turn off wireless IP routing and for Comcast, AT&T, Verizon, Charter, Time Warner and the other consumer ISPs to basically shut down their networks or at least their edge routers. It's unlikely that the government would be able to force every small ISP and college to stop their peering, and corporations and other customers with multiple ISPs would still have connectivity.
I also spoke with network expert Matthew Ringel, a former network engineer with Tufts University who has worked extensively with BGP routers. When I asked whether he thought the US government could imitate the Egyptian model, he was dubious - but only about their ability to do it as swiftly as Egypt did. Given how complicated the US internet is, he said, "In the immediate term [shutting it down would be] very hard, bordering on impossible, but you could do it in a few days to a week."
Both Ringel and Stamos agreed that another possibility would be to cut off physical access to the internet.
There are only a limited number of cables leading out of the U.S. to other parts of the world (see cable map above). Physically cut them and you've got what network geeks call "an air gap." No network traffic can cross the empty air between the cable's severed ends.
But wouldn't it be illegal for the U.S. government to shut down the internet?
All the scenarios for shutting down the American internet involve some degree of collusion between the government and private companies who provide internet access to millions of people in the U.S. But could the government really make AT&T shut off your network and phone? Wouldn't that be illegal?
For now, as long as the president doesn't declare martial law, it would be. There are a number of laws that protect internet service providers from government control. But that could change very soon. Several bills have been working their way through Congress that would give President Obama "kill switch" control over the internet during a "national cyber-emergency."
CNET's Declan McCullagh has been following the bills, first proposed by Senator Joe Lieberman and Senator Susan Collins. This week, he reported that the bill has been revised and is picking up steam:
The revised version includes new language saying that the federal government's designation of vital Internet or other computer systems "shall not be subject to judicial review." Another addition expanded the definition of critical infrastructure to include "provider of information technology," and a third authorized the submission of "classified" reports on security vulnerabilities.
The idea of creating what some critics have called an Internet "kill switch" that the president could flip in an emergency is not exactly new.
A draft Senate proposal that CNET obtained in August 2009 authorized the White House to "declare a cybersecurity emergency," and another from Sens. Jay Rockefeller (D-W.V.) and Olympia Snowe (R-Maine) would have explicitly given the government the power to "order the disconnection" of certain networks or Web sites. House Democrats have taken a similar approach in their own proposals.
Such a bill would allow the President to order shutdown of the American internet without any checks from the Judiciary.
This is something that worries digital liberties groups like the Electronic Frontier Foundation. Eva Galperin, an activist with the group who works on international issues, emphasized that Obama might be closer than we think to having a kill switch for the American internet. In a statement, she said:
What's going on in Egypt highlights the risk of granting any leader, up to and including the President of the United States, unilateral power to shut down portions of the internet. There have been a couple of bills in Congress which we read as potentially giving the President broad and vague powers to take emergency steps to protect the US in case of a "cyberemergency" declared by the president. Any such bill would have to be narrowly tailored for a specific threat, with review by congress and the courts.
All these legal niceties and predictions may not matter if the U.S. government perceives itself as under threat. As Galperin put it, "If the US government actually severs cables in order to cut off internet access in the US, then they have lost all regard for the rule of law and all bets are off."