Armenia-Azerbaijan internet transit: what the claims about security risks indicate
24-06-2026 15:49:12 | Armenia | Press of Diaspora
Civilnet The information about the collaboration between Armenian "Telecom Armenia" and Azerbaijani AzerTelecom has sparked intense discussions on social media. The main question was whether such an internet transit agreement could create security risks for Armenia.
"Telecom Armenia" announced that it has signed a mutual internet transit agreement with AzerTelecom. According to the statement, it will contribute to the diversification of regional communication routes and enhance the reliability of communication.
#CivilNetCheck has highlighted the main claims circulating on social media and discussed them with cybersecurity experts.
One of the claims is that the traffic passing through AzerTelecom's infrastructure could be analyzed and the behavior of Armenian users could be profiled through the DPI mechanism.
DPI, or Deep Packet Inspection, is a mechanism for deep analysis of network traffic. It allows for the examination of not only the basic technical information of data packets but also certain characteristics of the traffic, such as which service or platform is being used.
In other words, even if the connection is encrypted, for example, with HTTPS, DPI typically does not see the content of the communication but can indicate whether the user is, for example, using YouTube, Telegram, or another platform.
Although the agreement pertains to mutual internet transit provision, Arthur Papyan, an information security expert from Team Telecom Armenia, has stated that Armenia, despite having the opportunity to utilize Azerbaijani infrastructure, does not plan to do so. Meanwhile, the Azerbaijani side will be able to provide internet connectivity between the main part of Azerbaijan and Nakhchivan using Armenian infrastructure.
Arthur Papyan mentioned in an interview with #CivilNetCheck that if the Armenian side were to use Azerbaijani infrastructure, it would generally be possible to analyze user behavior. However, according to him, the question is how concerning such analysis could be in practice.
For example, if the Azerbaijani side even knows that part of the Armenian population is using Yandex Taxi, that in itself does not provide any significant information, Papyan said.
"For example, currently a foreign company like Yandex Taxi can see where you ordered from, where you went, and so on. Against this background, a general behavioral analysis based on a huge volume of data, in my opinion, is less concerning," Papyan said.
Armenian cybersecurity expert Hakob Papinyan also notes that such traffic analysis could provide a general understanding of the preferences of Armenian users. For instance, it could be understood that a user is accessing Facebook, but their actions within the platform would not be visible.
Papinyan stated that even if it is understood through traffic that TikTok, Facebook, or Instagram is most accessed in Armenia, it still would not represent the whole picture, as they would only be able to analyze the traffic that has passed through them.
Vahan Hovsepyan, a representative of the regional internet registry for Europe, the Middle East, and Central Asia, RIPE NCC, stated that such traffic analysis can only provide a general picture. To obtain more detailed information about a specific individual or organization, according to him, a high-level investigation is necessary, which can also be conducted without analyzing that traffic, using other mechanisms.
The next claim is that users of fixed or static IP addresses are at great risk because they can be easily identified.
An IP (Internet Protocol) address is the digital address of a device or network connected to the internet. It helps ensure that data is transmitted in the correct direction and reaches the appropriate computer, phone, or other device. An IP address can indicate an approximate location, such as a city or country, the internet provider, and the type of network, but it does not itself reveal the user's exact address or identity.
According to Arthur Papyan, identifying a user with a static IP requires significant resources and capabilities to open and analyze a large volume of traffic. Meanwhile, using spyware like Pegasus, for example, could be cheaper.
Hakob Papinyan also notes that identifying an individual is relatively more complex, while the risk may be higher for organizations using static IP addresses. He stated that in such cases, it is possible to understand which services or platforms the organization is using, and that information could be used to target those services.
According to him, this can be viewed as a potential attack vector from a cybersecurity perspective.
In contrast, Vahan Hovsepyan points out that operators often share one IP address among hundreds or even thousands of users. This significantly complicates the identification of a specific individual or organization.
A claim has been made that AzerTelecom will have the ability to "poison" and redirect BGP routes.
BGP, or Border Gateway Protocol, is one of the main routing mechanisms of the internet. Simply put, it determines which networks traffic should pass through to reach the necessary site or service from the user. In the case of incorrect or manipulated BGP announcements, traffic can be directed the wrong way or become temporarily unavailable.
According to Arthur Papyan, BGP is a fairly old protocol underlying the internet, and there have been and may be issues associated with it. However, he noted that such problems are already beyond the scope of ordinary cybersecurity concerns.
Hakob Papinyan emphasizes that routing is mainly automated, and the system selects the available and optimal path. He stated that complex technical capabilities are required to "poison" or manipulate that process.
Vahan Hovsepyan stated that there are security-related risks with BGP both globally and regionally. He cites the 2008 incident when Pakistani authorities instructed local operators to block YouTube within the country. Pakistan Telecom attempted to do this through BGP routes, but an incorrect routing announcement intended for internal use went beyond Pakistan's borders and spread across the wider internet. As a result, the platform became temporarily unavailable in various parts of the world.
Another claim is that Azerbaijan may use the connection as a means of pressure or intentionally disrupt it.
According to Arthur Papyan, in such a situation, Armenia could also use the opportunity for traffic transit to Azerbaijan as a tool of pressure. Moreover, Armenia is not dependent on a single communication route and receives internet from other directions as well.
Vahan Hovsepyan notes that Azerbaijan does not supply internet to Armenia. He stated that a significant portion of Armenia's internet physically passes through Georgian territory.
It is noteworthy that the 100% shareholder of Caucasus Online is Azerbaijani businessman Nasib Hasanov. However, this does not mean that Armenia's internet connection is solely dependent on that company. Experts state that Armenia has alternative communication routes through other Georgian operators, as well as a southern route to Iran and the Persian Gulf countries. A potential disruption of one communication route may slow down the internet or increase network latency, but the risk of a complete disruption is limited.
On June 23, in a comment to "Armenpress," Alexander Yesayan, the chairman of the board of "Telecom Armenia," stated that under the agreement, the Armenian side is to provide transit internet traffic to Nakhchivan-Azerbaijan direction on a commercial basis. He noted that this is not an internet service but a data transit service via point-to-point communication.
Yesayan also asserted that the cooperation does not foresee data exchange between the countries, and the Azerbaijani side will gain access to the capacity of the communication route, not the data.
* This text was automatically translated by Artificial Intelligence (AI).
ENGLISH 
Հայերեն
Русский
Արեւմտահայերեն
French
