Thursday, November 29, 2012

Syria Has Just Been Taken Offline

Noah Shachtman

Updated 1:37 pm.

Syria has been largely cut off from the rest of the internet — just as rebel forces are making some of their biggest advances yet against the Assad regime.

“From what we are seeing,” information security specialist Chris Ginley tells Danger Room, “Syria is offline.”

The network monitoring group Renesys reported on Thursday that 77 networks — 92% of the country’s total — began experiencing outages at 10:26 Greenwich Mean Time.
But Syria’s apparently systematic disconnection from the internet actually began at least a week earlier, according to research by the SecDev Group internet analytics firm. Around the middle of the month, Syria’s ordinary handful of daily requests to withdraw from Syria’s BGP [Border Gateway Protocol] routes started to grow to a few hundred per. These connections are what enables one national network to interface with the broader internet. On November 22, the withdrawals suddenly jumped to more than 2000. An even greater spike occurred on November 29.

“When a country withdraws itself from the internet using BGP such as Syria has, it means that on a technical level no one knows how to get there anymore, because there are no longer any paths, effectively shutting off the internet in the region,” SecDev explains in a draft report.

“On some networks there are still some paths in place,” Ginley adds. “But this could be to maintain some limited communication or perhaps it’s just an error on their side.”
The communications blackout — which, according to some local reports, also briefly included cell and landline phone service – is hugely important to the war effort in Syria.

 The rebels don’t just use these networks to share information with one another. They train their forces and document regime atrocities with YouTube clips. The government has been known to shut down internet service in a particular city in advance of a major attack.

“But this is the first time are seeing it centralized (from what I can tell),” emails SecDev CEO Rafal Rohozinski, who has been working with Syrian opposition groups. “We are trying to ascertain whether this is a deliberate pulling of the plug, a technical error, or something else.”

Damascus International Airport has also reportedly disappeared from some flight radars.
“I would be a bit surprised if this was a long-lasting outage,” Rohozinski adds. “The Syrian government and security forces rely alsp on the internet as a means of coordination, propaganda, and ensuring a degree of satisfaction among its constituency. Also, Syria has seen increase in cell phone and internet subscribers during the period of the conflict. In other words, it’s a source of revenue for the economy and government, as well as a vital lifeline for most people.”

Syria’s information minister claims that the Damascus government had nothing to do with the shutdown. “It is not true that the state cut the internet. The terrorists targeted the internet lines, resulting in some regions being cut off,” Reuters quotes him as saying. One regime-friendly website calls the cutoff a NATO “psychological operation.”

Perhaps. But one thing is for certain: the communications clampdown comes as Syrian rebels are enjoying some of their most important gains of the war. They seized a major hydroelectric dam on Monday. And “in the past month,” the New York Times reports, “fighters have overrun a half-dozen [military] bases around Damascus, Syria’s capital; two in the country’s eastern oil-producing area; and the largest military
installation near the country’s largest city, Aleppo.” The AP reports that American officials are preparing to recognize the opposition as Syria’s legitimate government.

A chart from Akamai shows the drop-off of Syrian internet traffic.

The regime is continuing to bombard rebel-controlled bases and towns from the air. On Tuesday, the regime warplanes bombed an olive press factory near the Turkish border, killing at least 20 people. A day prior, air attacks on two rebel bases reportedly sent hundreds of people fleeing into Turkey. These attacks came just before a NATO team arrived in Turkey to scout potential sites for Patriot missile batteries, which could be used to defend against a regime attack across the border.

Syrian rebels have fought back with captured anti-aircraft missile launchers, days ago shooting down a regime helicopter. It’s all part of an increasing array of heavy weapons captured from army bases overrun by the rebels. Earlier in November, rebels seized a major military base near the northern city of Aleppo, capturing several tanks, multiple armored vehicles and long-range artillery guns. Perhaps more vital for the war against Assad is the situation near the capital of Damascus, which is now seeing signs of a “rebel siege,” opposition activist Fawaz Tello told Reuters. Rebel forces captured at least two military bases near Damascus in this month, and are are reportedly coming close to cutting off the city’s airport.

Syria’s networks have also become a central battlefield in the conflict. In recent months, pro-regime hackers are trying to gain access to activists’ machines — by tricking them into downloading fake security software. Once installed, the surveillance programs will “take screenshots of target machines, turn on the computer’s microphone or camera, log all your keystrokes — and then send it all back to Damascus,” Eva Galperin of the Electronic Frontier Foundation tells Danger Room. As Renesys notes, it may be no coincidence that one of the few networks to survive the Syrian blackout was implicated the May malware attacks targeting activists.

Both sides have leaked embarrassing emails belonging to the other. In August, pro-regime hackers broke into the Reuters news service, posting a fake news story about the crumbling of rebel support in Aleppo. In September, the Al-Jazeera news network had its websites defaced with messages calling the rebels “terrorists.”

Meanwhile, several hundred Syrian activists have traveled to Istanbul for training in secure communications, funded by the U.S. State Department. The rebel leaders received tips on how to leapfrog firewalls, encrypt their data, and use cellphones without getting caught, as Time magazine recently reported. Then they returned to Syria, many of them with new phones and satellite modems in hand.

In response, perhaps, the regime has detained tech activists like the open source advocate Bassel Khartabil. The Electronic Frontier Foundation has “launched a letter-writing campaign, hoping to flood Syrian officials and diplomats with physical mail demanding that Khartabil be formally charged and given access to a lawyer or released immediately.” Given the state of Syria’s networks, it may be the only kind of mail that gets through.

Help Us Transmit This Story

  Add to Your Blogger Account   Put it On Facebook   Tweet this post   Print it from your printer   Email and a collection of other outlets   Try even more services

No comments:

Post a Comment