Syria was cut off from the Internet on Tuesday, and remains offline as of Wednesday morning, according to several US Internet firms and the State Department.
[Update 1PM ET: Syrian Internet traffic appeared to resume flowing at approximately 2:15 PM GMT – See images below]
Dan Hubbard, CTO for OpenDNS and Umbrella, the security unit of OpenDNS, was one of the first to mention the drop-off after noticing that at around 18:45 UTC, Internet traffic from Syria plummeted.
“At around 18:45 UTC the OpenDNS resolvers saw a significant drop in traffic from Syria,” Hubbard wrote in a blog post. “On closer inspection, it seems Syria has largely disappeared from the Internet.”
The US State Department also confirmed the outage via Twitter, saying, “Syria is currently experiencing an internet blackout as of this afternoon.”
Firms including Google, Akamai, Arbor Networks and other firms have since confirmed the drop-off in traffic in Syria.
According to Google’s Transparency Report, the country was still offline at the time of publishing. (10:15AM ET) [Update: Syrian Internet traffic appeared to resume flowing at approximately 2:15 PM GMT – See image from Arbor Networks]
On Wednesday, the state-run Syrian Arab News Agency (SANA) reported that an optic cable problem caused the outage, something most are skeptical about. According to SANA, repairs were under way to restore services “as soon as possible,” citing communications official Bakr Bakr.
“Shutting down Internet access to and from Syria is achieved by withdrawing the BGP routes from Syrian prefixes,” Hubbard explained.
“BGP distributes routing information and makes sure all routers on the Internet know how to get to a certain IP address,” Hubbard continued. “When an IP range becomes unreachable it will be withdrawn from BGP, this informs routers that the IP range is no longer reachable.”
On Tuesday, Hubbard said there were just three (3) routes in the BGP routing tables for Syria, while normally that number is close to eighty.
This is not the first time the Internet has been effectively shut off in Syria.
Following a similar country-wide outage in November 2012, the Syrian Minister of Information blamed terrorists and attempted to convince the world that the government had nothing to do with the outage.
“It is not true that the state cut the Internet. The terrorists targeted the Internet lines, resulting in some regions being cut off,” the Minister stated at the time.
According to activists, sudden Internet cut-offs can occur before major military movements, or to limit the communications of rebel fighters.
Following the November outage, Anonymous began targeting the Internet properties of the Syrian government and pro-government supporters in retaliation through “OpSyria”.
Following this event, it’s likely that the loosely-held hacktivist collective could launch a new round of attacks against Syrian government interests.
“Although we can’t yet comment on what caused this outage, past incidents were linked to both government-ordered shutdowns and damage to the infrastructure, which included fiber cuts and power outages,” Hubbard said.

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.
More from Mike Lennon
- ‘No Evidence’ of Cyberattack Related to FAA Outage, White House Says
- SecurityWeek to Host 2022 ICS Cybersecurity Conference October 24-27 in Atlanta
- Google Completes $5.4 Billion Acquisition of Mandiant
- Cybersecurity Firm ZeroFox Begins Trading on Nasdaq via SPAC Deal
- HUMAN Security and PerimeterX Merge on Mission to Combat Bots
- Last Call: CFP for ICS Cybersecurity Conference Closes July 15th
- Johnson Controls Acquires Tempered Networks to Shield Buildings From Cyberattacks
- Snowflake Launches Cybersecurity Workload to Find Threats Across Massive Data Sets
Latest News
- Critical Vulnerability Impacts Over 120 Lexmark Printers
- BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- Microsoft Urges Customers to Patch Exchange Servers
- Iranian APT Leaks Data From Saudi Arabia Government Under New Persona
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Cyberattacks Target Websites of German Airports, Admin
- US Infiltrates Big Ransomware Gang: ‘We Hacked the Hackers’
