Cybersecurity PC alert
Iran decided to block 256 websites using a hacking technique that made the websites also not load for users in multiple countries iStock

A move by the Iranian government to block hundreds of websites – deemed unsuitable to the public – has accidentally had a knock-on effect of preventing users in many other countries from accessing the sites as well.

Iran's state telecom was ordered to implement censorship of 256 websites, including many pornographic sites from being accessed within the country and, rather than simply blocking the IP addresses of each website server, the telecoms provider decided to use a networking hijacking attack called BGP hijacking instead.

BGP hijacking, also known as IP hijacking, involves exploiting a security vulnerability affecting the Border Gateway Protocol (BGP), which is a crucial component of the internet that determines routing paths. So essentially, Iran 'broke the internet' to ensure its ban went through.

As The Verge says, any network is allowed to announce a route to any IP address, and it is considered to be a good idea to have multiple routes announced. This is so that when a user types in a URL on their web browser, their internet service provider (ISP) has essentially many sign posts for how to find the site they want.

This is meant to make the internet more efficient, but because the security vulnerability has never been fixed, it also makes it easy for any network to announce a 'bad' route that doesn't go to the website you want at all.

Iran announced a whole bunch of fake routes to the websites it decided to ban, and some ISPs in the world picked up these routes by mistake, meaning that users in Russia (RETN), Hong Kong (Hutchison), India (Bharti Airtel) and Indonesia (Telekomunikasi) also received blank webpages when they tried to access any of the 256 websites that were banned.

Even worse, Iran's national telecom is apparently pivotal to the transit of data in the Middle East, which means that many ISPs in the region also follow routes announced by the country – suggesting that Iran's web censorship decisions were being imposed in other countries too, such as Oman.

It took over 24 hours before the ISPs around the world realised what was happening, and many of the fake routes have now been blocked, thus restoring access to these websites. However, no one currently knows whether Iran's overreaching website ban was deliberate, or just an accident.