Cyberspace Surveying and Mapping in National Power Outages and Network outages Events
Author: Heige (a.k.a Superhei) of KnownSec 404 Team https://twitter.com/80vul 06/15/2021
In recent years, there have been many cases of power outages at the national level due to cyber attacks and other reasons. Of course, there are also occasions when the country actively disconnects from the Internet due to sudden political incidents.
Cyberspace surveying and mapping can grasp the development progress of these events through continuous dynamic surveying and mapping of countries or regions with power outages or network outages, and can even be used to predict certain trend developments, or can draw a country or region’s infrastructure distribution map, etc.
In the following content, I will introduce two papers that are researched in this direction.
Venezuela blackout in 2019
In 2019, Venezuela suffered a large-scale power outage that paralyzed transportation, medical care, communications and infrastructure. The then Venezuelan President Maduro accused this of a “cyber attack” on the country’s power system …
Immediately, the KnownSec 404 Team used ZoomEye combined with the concept of “dynamic mapping” to mine and analyze the country’s cyberspace data during the power outage in Venezuela, Through the data analysis of ZoomEye surveying and mapping, we can find that during the power outage, the distribution of Venezuelan national online cyberspace equipment and the trend of recovery data, and finally realized the country’s cyberspace core infrastructure, cyberspace and physical space mapping and distribution.
For details, please refer to the full text of the paper:
“Zoomeye Cyberspace Mapping — — Impact of 2019 Venezuelan Blackouts on Its Network Critical Infrastructure and Important Information Systems" https://paper.seebug.org/871/
Iran’s network outages in 2019
In November 2019, a Ukrainian passenger plane was shot down over Iran, resulting in the deaths of 176 people in multiple countries. The incident immediately triggered a large number of protests, so the Iranian government implemented a network shutdown, which lasted for a full week starting on November 16, 2019.
In March of this year (2021), on the famous global academic sharing platform ResearchGate (researchgate.net), researchers Antonio Mangino and Elias Bou-Harb from University of Texas at San Antonio shared them the paper that uses “Internet Back-ground Radiation(IBR)” traffic analysis and active surveying and scanning methods to research and analyze the Iranian network outages event.
the full text of the paper: “A Multidimensional Network Forensics Investigation of a State-Sanctioned Internet Outage” https://www.researchgate.net/publication/350499300_A_Multidimensional_Network_Forensics_Investigation_of_a_State-Sanctioned_Internet_Outage
From their research papers, the trend graph of the analysis results of IBR during the network outages event in Iran is consistent with the trend of the active detection results of ZoomEye.
In addition, it is interesting that the paper evaluates the Bitcoin encrypted currency exchange data provided by Blockchain.com to study the relationship between Iran’s disconnection and global Bitcoin mining trends.
Summary
Cyberspace surveying and mapping mainly focuses on data acquisition and analysis and mining of equipment and services in global cyberspace. Through data analysis and mining to form a knowledge system and finally get some decisions, we believe that the application space and prospects of cyberspace surveying and mapping technology are very large and diverse, and not only limited to the impact of vulnerabilities.
ZoomEye is committed to the real network space surveying and mapping search engine, we have been working hard!
