Behind the scenes of Internet shutdowns

Internet outages typically take the form of total Internet blackouts or social media blocks.

Closer to this, is Internet throttling, where Internet speeds are restricted so severely that anything beyond simple text-based communication, or love streaming of a video becomes impossible.

We explore how governments and Internet Service Providers (ISPs) use a number of methods to implement these internet restrictions.

A recent research published by TOP10VPN, a tech firm that tracks internet disruptions across the globe in its report, ‘Global Cost of Internet Shutdowns’ has some interesting revelations.

 Network shutdown

This perhaps has been described as the crudest method of blocking access to the Internet.

This happens when Internet Service Providers and mobile carriers power down critical circuits or paths that make up the country’s telecommunications network.

Governments that have complete control over their countries’ network may also install an “internet kill-switch”- a counter measure concept of activating a single shut off mechanism for all internet traffic in a country.

This concept behind having a kill switch is based on creating a single point of control for a single authority to control or shutdown the internet to protect it or its users.

Border Gateway Protocol Manipulation

An Internet service provider can make the Internet Protocol (IP) addresses of any number of its customers to “disappear” from the Internet, effectively cutting off access for those people.

An IP address is a unique address that identifies a device on the Internet. This unique numerical address allows devices to find and communicate with each other.

This is more precise than a full network shutdown and allows for exceptions to be made, such as for government officials. 

Internet Protocol Address Blocking

Websites and apps rely on web servers to host their content, each of which has its own Internet Protocol (IP) address.

An Internet protocol address is a unique address that identifies a device on the Internet. As multiple websites and services can be hosted on a single internet protocol address, this method of internet shutdown often leads to unintentionally blocking more than was intended.

Internet service providers can create lists of Internet protocol addresses that correspond with services they want to block and then block all internet traffic to or from those internet protocol addresses.

Domain Name System Filtering

A domain name is simply a destination you type in to a web browser- such as www.google.com.

Domain name system filtering is more precise as it targets the domain name rather than an internet protocol address.

Browsers such as Google Chrome rely on intermediate devices called domain name system resolvers to perform lookups for specific web addresses on these databases and retrieve the relevant destination of an internet protocol address.

Internet service providers can programme these domain name system resolvers to return incorrect information for particular domain name lookups, such as twitter.com not existing.

When this happens, users are met with an error page instead of the website or app loading as normal.

 Deep Packet Inspection (DPI)

Deep packet inspection examines the full contents of the data packets making up internet traffic on a network to allow for blocking of specific content or applications.

 This method relies on devices between the end user and the rest of the internet, known as middleboxes and which form a key role in internet censorship in places such as China.

Manufacturers include companies such as Huawei and Allot.

The method is also very effective at reducing or blocking speeds for specific types of traffic, such as video or Voice Over Internet Protocol (VOIP).

As a result, one has to use virtual private networks to bypass deep packet inspection. 

Bypassing Internet shutdown

It is not possible to bypass a full internet blackout and actually get online in any normal way. However, there are still countermeasures available to avoid becoming completely isolated.

Virtual private networks

This works by encrypting a user’s internet connection and changing their internet protocol address.

A virtual private network allows a user to easily access sites and apps that have been blocked.

Some internet shutdowns will also incorporate protocol blocking to prevent VPNs being used to circumvent them.

Tor

Tor is a free, open-source system designed to enable anonymous communication on the web. The name comes from the original project name: “The Onion Router”.

Like a VPN, Tor encrypts your activity and hides your internet protocol address, enabling users to access blocked online services.

The complete anonymity provided by Tor makes it worth the trade-off in terms of speed and usability. For everyone else, a VPN is the better option.

Signal

Facebook Messenger and WhatsApp are frequently affected when governments block social media, making it difficult for loved ones to communicate in countries where these platforms might be the only reliable method of personal communication.

Make sure that you and anyone you might need to contact during an internet outage has installed Signal, which has the added benefit of being more secure than other messaging platforms.

Bluetooth Mesh Networks

These apps create local peer-to-peer mesh networks that rely on bluetooth rather than the internet to exchange messages and data.

Apps such as Bridgefy and FireChat can be used to communicate when governments cut off internet access completely.

Roaming SIM card

If a government Internet shutdown appears likely and getting online is critical, it is worth preparing ahead of time and acquiring international roaming SIM cards from a neighbouring country.

Foreign mobile carriers will not be affected by any outage and will allow you to get online, albeit at potentially significantly extra cost.

Sneakernet

A sneakernet refers to using human movement to physically deliver information between people affected by an internet outage.

Download and store important information on thumb drives or external hard drives, ideally encrypted using software such as Veracrypt, and give it to someone traveling to the location of your intended recipient.