Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Syria Drops off The Internet, Again.

Syria was cut off from the Internet on Tuesday, and remains offline as of Wednesday morning, according to several US Internet firms and the State Department.

Syria was cut off from the Internet on Tuesday, and remains offline as of Wednesday morning, according to several US Internet firms and the State Department.

[Update 1PM ET: Syrian Internet traffic appeared to resume flowing at approximately 2:15 PM GMT – See images below]

Dan Hubbard, CTO for OpenDNS and Umbrella, the security unit of OpenDNS, was one of the first to mention the drop-off after noticing that at around 18:45 UTC, Internet traffic from Syria plummeted.

“At around 18:45 UTC the OpenDNS resolvers saw a significant drop in traffic from Syria,” Hubbard wrote in a blog post. “On closer inspection, it seems Syria has largely disappeared from the Internet.”

Syria Internet Cutoff

The US State Department also confirmed the outage via Twitter, saying, “Syria is currently experiencing an internet blackout as of this afternoon.” 

Firms including Google, Akamai, Arbor Networks and other firms have since confirmed the drop-off in traffic in Syria.

According to Google’s Transparency Report, the country was still offline at the time of publishing. (10:15AM ET) [Update: Syrian Internet traffic appeared to resume flowing at approximately 2:15 PM GMT – See image from Arbor Networks]

Syrian Internet

On Wednesday, the state-run Syrian Arab News Agency (SANA) reported that an optic cable problem caused the outage, something most are skeptical about. According to SANA, repairs were under way to restore services “as soon as possible,” citing communications official Bakr Bakr.

“Shutting down Internet access to and from Syria is achieved by withdrawing the BGP routes from Syrian prefixes,” Hubbard explained.

Syria Flag“BGP distributes routing information and makes sure all routers on the Internet know how to get to a certain IP address,” Hubbard continued. “When an IP range becomes unreachable it will be withdrawn from BGP, this informs routers that the IP range is no longer reachable.”

On Tuesday, Hubbard said there were just three (3) routes in the BGP routing tables for Syria, while normally that number is close to eighty.

This is not the first time the Internet has been effectively shut off in Syria.

Following a similar country-wide outage in November 2012, the Syrian Minister of Information blamed terrorists and attempted to convince the world that the government had nothing to do with the outage.

“It is not true that the state cut the Internet. The terrorists targeted the Internet lines, resulting in some regions being cut off,” the Minister stated at the time.

According to activists, sudden Internet cut-offs can occur before major military movements, or to limit the communications of rebel fighters.

Following the November outage, Anonymous began targeting the Internet properties of the Syrian government and pro-government supporters in retaliation through “OpSyria”.

Following this event, it’s likely that the loosely-held hacktivist collective could launch a new round of attacks against Syrian government interests.

“Although we can’t yet comment on what caused this outage, past incidents were linked to both government-ordered shutdowns and damage to the infrastructure, which included fiber cuts and power outages,” Hubbard said.

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Vulnerabilities identified in TP-Link and NetComm router models could be exploited to achieve remote code execution (RCE).