As I sit here right now, the country of Egypt is a black hole on the Internet. All 3,500 prefixes originated by Egypt’s four major ISPs have been withdrawn from the global BGP table. There is no route into or out of the country, save the one ISP utilized by the Egyptian Stock Market, most likely in an effort to keep the country’s economy from collapsing. This follows on the heels of other government interference in cybercommunications in Tunisia this past month and Iran last year. Egypt, however, is the first country to completely darken the Internet in an effort to keep services such as Twitter and Facebook from coordinating resistance and allowing information to be disseminated to the world at large. I learned a very long time ago that arguing about politics never leads anywhere. What I would like to comment on, however, is the trend toward censoring information by disrupting network communication.
Egypt yanked all Internet access for its citizens in an effort to control information. Tunisia has been accused of affecting Internet traffic for its citizens as well, blocking certain routes and causing outages on the Web. Iran limited access to social media and even attempted to severely rate-limit Internet traffic during the election protests last year. This trend shows that governments are starting to realize the power that the Internet provides to disaffected groups of people. No longer do “subversives” need to meet in underground basements or abandoned warehouses. Those places have been replaced by chat rooms and e-mail. Relying on one or two trustworthy individuals to get the word out by smuggling rolls of film to the mass media has been replaced with instant pictures being uploaded from a cell phone to Twitter or Flickr. The speed with which protests can become revolutions has become frighteningly accelerated. So too has the speed with which the affected government can slam the door shut on the ability for these revolutionaries to use the very media which they rely on to spread the word. Egypt was able to successfully cut off access within a few hours of the first rumors of such a thing being contemplated.
For those of you that think that something like that could never happen here (here being the US), let me direct your attention to the Protecting Cyberspace as a National Asset Act. This hotly debated bill would give the government more ability to combat large-scale cyber warfare and allow them to protect assets deemed vital to the national interest. The biggest concern comes from a provision inserted that would give the president the ability to enact “emergency measures” to prevent a wide-reaching cyber attack. This includes the power to shut down major networks for a period of up to 120 days. After that time, Congress must either approve an extension, or the networks must be reactivated. I won’t delve into some of the wilder conspiracy theories I’ve seen surrounding this bill, but the idea that our networks could be shut down without our consent to protect us is troubling. According to my research, there is no provision that defines the situation that could cause a national shutdown. The president, acting through the National Center for Cybersecurity and Communications (NCCC) Director, is supposed to inform the affected networks to enact their emergency measures and ensure the emergency actions represent the least disruptive means feasible to operations. In other words, the NCCC director just has to tell you he shut you down and you should try to make things work as well as you can.
Using this as a possible scenario, assume some kind of external driver causes the president and the NCCC director to shut down a large portion of the Internet traffic. It doesn’t have to be a revolution or something so sinister. It could be a Stuxnet-type attack on critical power infrastructure. Or maybe even a coordinated cyber attack like something out of a Tom Clancy novel. In an attempt to deter the attack or mitigate the damage, let’s say the unprecedented step of withdrawing a large number of BGP prefixes is taken, similar to what Egypt has done. What kind of global chaos might this cause? How many transit ASes exist in the US that would pass traffic around the world? I’ve seen stories of how the World Trade Center attacks in 2001 caused a global Internet slowdown due to the amount of traffic that was passed through the networks located there. That was two buildings. Imagine withdrawing even half the traffic that flows through the US and networks located here. What impact would that have? The possibilities would be mind-boggling. Even a carefully coordinated network shutdown would have far-reaching impact that no one could foresee. Chaos is funny like that.
The Internet, or cyberspace or whatever your term for it, is now something of a curiosity. It exists on its own, independent of the laws of nations or man. Those who seek to control information flow or restrict access find themselves quickly thwarted by the fact that packets and frames do not respect political boundaries. For every attempt to shut down The Pirate Bay, a simple move to a different location allowed them to stay active. Even when pressure was applied to the people behind the site, it was quickly seen that their creation had taken on a life of its own and would persist no matter what. What of the WikiLeaks saga, where the attempt to behead the organization by targeting its leader has only fanned its flames and most likely ensured its survival no matter what may happen to Julian Assange? Those of us who live our lives in this electronic realm see differences in the way culture is developing. There are lawless places in the Internet where mob rule is the law of the cyberland. Information is never truly forgotten, merely pigeonholed away until it is needed again. Attempts to impose political will upon the citizens of the Internet are usually met with force, protest, and in some cases, retribution. I keep wondering when organizations are going to figure out that attempting to erase information is tantamount to daring the Internet to publicize it. In the same way, attempting to shut down access to the Internet and social media at large is a sure way to force people to circumvent these restrictions. As we watched Egypt vanish from the cyber landscape last night, many of my friends remarked that it would only be a matter of time before someone challenged the blockade and won. Someone could hack the edge routers and reestablish the BGP peering with the rest of the world and the floodgates would be opened again. Whether or not that happens in the next few days remains to be seen.
As the world becomes more reliant on the Internet to provide information to everyone, we as cyber citizens must also remain vigilant to keep the information flowing freely. The Internet by design lends itself to surviving major disruptions without totally crashing. It is our responsibility to show the world that information wants to be learned and shared and no amount of meddling will change that.