Sandvine has during recent years become infamous for its support to Internet repressive regimes, such as Belarus, Azerbaijan, Egypt, where its DPI equipment is used to block independent media and human rights organizations. This report provides insight on how Sandvine’s equipment performs the blocking, and how it can be detected.
The report, which is a collaboration with the Egyptian citizen journalism platform Al Manassa, proves that Sandvine is being used by at least two providers in the country, state-owned Telecom Egypt and privately owned Orange Egypt.
The report presents two characteristics which can be used to fingerprint the existence of Sandvine equipment in any network. Furthermore, the report confirms that although the Sandvine DPI tears down the majority of connections established to blocked websites, 25% of the traffic goes through the DPI equipment.
Qurium forensics report: How operators use Sandvine to block independent media in Egypt
| [adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – hacking, DPI)
[adrotate banner=”5″]
[adrotate banner=”13″]
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best…
Fintech firm Figure confirmed a data breach after hackers used social engineering to trick an…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in BeyondTrust RS and…
A new alleged Russia-linked APT group targeted Ukrainian defense, government, and energy groups, with CANFAIL…
A new threat actor, UAT-9921, uses the modular VoidLink framework to target technology and financial…
Attackers quickly targeted BeyondTrust flaw CVE-2026-1731 after a PoC was released, enabling unauthenticated remote code…
This website uses cookies.