Syria: the danger of a centralized network

On November 29, at around 10:30 am (UTC), Syria was largely severed from rest of the digital world. Syria has been plagued by a war between government and opposition forces, but until yesterday, had never experienced service disruptions beyond a few minutes.

Our Radar data substantiates what has been observed by specialist colleagues who monitor “BGP” (RenesysBGPMon…), this is a major and comprehensive event.

This is not the first time we have seen such an occurance. In 2011, during the revolutionary uprising in the country, the Egyptian regime had ordered the cut off (“killswitch”) of all access networks, except that of the Stock Exchange.

Cedexis Radar data continues to show that Syria is unreachable by Internet users from around the globe, by every ISP network we collect data (from over 34,000 networks in total).

For those wishing some information on the Syrian Internet, here’s what we have to supplement our own data:

  • In Syria, one operator controls all traffic: Syrian Telecommunications Establishment (AS29386). This operator is itself under the authority of the Syrian government.
  • The country has 4 core Transit connections: 3 submarine cables (UGARIT, Aletar and Berytar) and a terrestrial link with Turkey.
  • Besides the dangerous centralization of ISP services through a single party, the submarine cables themselves land in one city (Tartous), enabling a single physical point of control as well.
  • Overall connectivity is interrupted: The unreachability of all Syrian IP blocks suggests a coordinated action, not an accident such as a fiber cut.
  • Communications by satellite were still possible according several local sources

Credit: SCM

About BGP updates and IP blocking… Stephane Enten, VP Cedexis services, offers some useful points to better understand the operation:

Is an inability to reach any IP blocks necessarily linked voluntary human action?

S. Enten: There are always routes that are announced or deleted, that’s the life of global network. Routers learn a route on one side and the route ahead of the other. A hardware problem may well be the cause of the disruption we see. By extension, if a building housing strategic telecom equipment has been damaged, and/or lost power, routers cannot “announce” their IP address to other routers that comprise the Internet.

How long does it take to “turn off” an AS and/or IP global network?

S. Enten: A routers may take a few seconds (approx 30s) to propagate a BGP route withdrawal, so a network may disappear from the Internet in only a few minutes.

What alternatives are there for bypassing such an event?

S. Enten: Unfortunately, the cut is inevitable. To circumvent such an outage you need an alternative network to that which is controlled by the state. This can be done eg via satellite or radio links that must be found in the border areas. It is also possible to use “dialup” equipment to a remote operator if international voice communications are not interrupted.

Journalists: Looking for Radar data or inputs from Cedexis? Contact us by mail or Twitter @cedexis

, ,
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *