How many phone calls does it take to kill the internet? It seems like an odd question to ask about a network once thought to be strong enough to withstand a nuclear attack. However, first-strike mushroom clouds aren’t the biggest threat to the internet anymore. Just ask the citizens of Libya, Egypt and Syria: nations whose connections have been recently severed, albeit temporarily.
But if you think that the internet’s most vulnerable regions correspond to autocratic regimes or civil war zones, think again. Following the Syrian blackout in late 2012, Renesys, a consultancy that specialises in monitoring and mitigating risks to connectivity, created a map ranking every country’s "risk of internet disconnection". They found resilience has little to do with the presence or absence of jackbooted thugs: Belarus is at "significant risk" of internet disconnection, while China – which blacked out the entire province of Xinjiang for ten months in 2009 and 2010 – is rated at "low risk".
How can this be? Renesys simplified the question of global internet resilience by tracking one metric: the number of so-called "frontier" internet service providers (ISPs) that a country has. A frontier ISP is one that maintains connections or gateways to the global internet at large, not just to its own domestic network. "Not all ISPs have or need connections to the outside world," says Jim Cowie, chief technology officer and co-founder of Renesys. "Comcast, for example, only sells internet service in the United States."
It's this number of international gateways, then, that captures how difficult it would be to snuff out a country's internet pulse. Disable them, and the global web goes dark. The more gateways there are, the more difficult it will be to neutralise all of them.
Even sophisticated, highly networked countries can be at risk of a blackout if their digital frontier has a paucity of global connections. "Iran is a good example of this," says Cowie. "Iran was one of the countries that came to networking really early – they have nearly 100 ISPs all over the country. But very few [of those] are internationally connected ISPs by design." Renesys's map places Iran in the "significant risk" category, one of 72 countries and territories with "fewer than 10 service providers at [the] international frontier."
One advantage in using frontier ISPs as a proxy for internet resilience is that it cuts through any biases from news reports about blackouts in developing world nations. "It doesn't matter whether the damage comes from politics or war or a meteor strike hitting the wrong building," Cowie says. "Vulnerable is vulnerable." Any country with just one or two connections to the global internet has a clear point of failure. By this measure, Syria and Libya are as much at "severe risk" of disconnection as Greenland.
But mere physical connections don't paint a full picture of a country's disconnection risk. Outside of a massive solar flare or electromagnetic pulse, unplugging a country from the global web may be an organisational problem more than anything else.
Would you expect Afghanistan, sundered by war for decades, to be at less risk than its relatively stable neighbour Iran? Probably not, but it is as likely to lose the internet as India, the world's largest democracy. It turns out that the very circumstances that make Afghanistan a near-failed state – regional fragmentation and a central government unable to control local warlords – also make it impossible for Kabul to systematically clamp down on Afghanistan's motley hodgepodge of globally-connected ISPs, which are powered by "various satellite providers, as well as by Uzbek, Iranian, and Pakistani terrestrial transit," according to Renesys.