How exactly does an ISP implement arbitrary blocks like this, anyway? Do they hard-code routes to override what their upstream ISP advertises?
(Also, isn't it odd that The Pirate Bay doesn't have any AAAA records? That seems like something that ISPs and governments have no experience with yet and hence would make it rather easy for experienced users to get around blocks. Their DNS server has an IPv6 address; why not www?)
They were ordered to do both IP-level and DNS-based tampering.
Any ISP will already have some IP-based blocking mechanism system in place for fending off operational emergencies such as DDoS. Router ACLs and null routes are common ways to do this. In fact ISPs in Finland are required to block SMTP traffic from residential customers by default (except to their own relay servers).
The DNS side they probably had to improvise somehow, possibly by just configuring their own DNS servers as authoritative for the victim domains.
(Also, isn't it odd that The Pirate Bay doesn't have any AAAA records? That seems like something that ISPs and governments have no experience with yet and hence would make it rather easy for experienced users to get around blocks. Their DNS server has an IPv6 address; why not www?)