Iran is undeniably taking some of the most restrictive measures regarding internet connectivity in the world. Recently, the Iranian government effected what was thought to be a near-total cutting off of the internet and mobile phone signal in order to quash the protests that erupted in the country after a dramatic rise in fuel price. Some reports said that about 1,500 people were killed in less than two weeks of unrest which started on November 15th following a direct order from Supreme Leader Ayatollah Ali Khamenei.[1] Network data from the NetBlocks internet observatory confirmed disruptions to multiple fixed-line and mobile providers in Iran as well as showing that internet connectivity dropped to just 4% of ordinary levels during some parts of the shutdown.[2] This practice indicates the extreme scepticism among the Iranian officials towards the role the internet can play in potential social and political transformations.

First and foremost, it can certainly be argued that Iran’s rigid attitude comes from its perception of the internet as a platform for communicative applications which engender social and political changes. However, it can be argued that, these drastic measures are not only due to the authoritarian nature of the Iranian regime, and that the security threats it faces, stemming from the weaponization of the internet by the USA and Israel against the Islamic republic of Iran, should also be factored in. In particular, the first cyber-attack against Iran which used a cyber worm called Stuxnet, developed by both the USA and Israel. This made Iran aware of the role the internet now has as a platform which powerful states such as the USA and Israel are able to use to conduct cyberwarfare against vital civic or military infrastructures. As a result, Iran has adopted a very restrictive approach towards the internet and digital connectivity in general.

The Green Movement

Aware of the emancipatory potential of the internet, authoritarian regimes have been gradually developing various measures to censor and restrict its use in order to keep cultural and political developments under their control. In other words, they developed what Rebecca Mackinnon called “networked authoritarianism” in which the regime has “no transparency or public accountability when it comes to how information networks are shaped, operated, regulated and policed”.[3] Furthermore, the internet needs to be controlled in order to deprive any opposition actor from gaining power in society and competing with the ultimate authority of the regime.

The Iranian state has been implementing hardline policies to keep the internet under control since the Green movement in 2009. The movement erupted against Mahmoud Ahmadinejad’s reelection and saw the Iranian people innovatively using the emerging digital technological tools they had at hand to bypass government restrictions.[4] The Iranian leadership took the decision to militarize the platform and developed a comprehensive plan to control the internet. This was implemented to a greater or lesser degree of efficiency “through ISP licensing, Internet filtering, censorship of sites, control of the speed of the Internet, attempts to inundate the net with favorable content, the criminalization of digital activities, and the arrest of activists”.[5] Internet securitization materialized immediately when the majority of shares of the Telecommunication Company of Iran was sold to the Iranian Revolutionary Guards Corps (IRGC) for $5 billion.

The Stuxnet attack: A case of interstate cyberwarfare

In 2010, Iran was hit with the first “Cyber Weapon of Mass Destruction”. This marked the birth of an unprecedented new phase of interstate cyberwarfare. The USA, in collaboration with Israel, targeted Iran’s most advanced nuclear reactors in its Natanz project with a computer worm called Stuxnet, which was the most sophisticated computer worm at the time. The idea behind Stuxnet derived from the development of an advanced computer worm aimed at sabotaging the uranium centrifuge reactors in the Natanz nuclear plant. Rather than targeting the plant’s computers or even the Windows software in general, Stuxnet was designed to attack a specific version of software used in Natanz. As soon as it penetrates one system, Stuxnet was able to do many damages such as: copying files, monitoring screens, and keyboards turning on audio record of ongoing neighboring conversations, in addition to turning on the system’s Bluetooth to steal data from all smartphones located within the surrounding of 20 meters.[6]

The Stuxnet operation was carried out in a series of phases, the climax of which occurred in March 2010: In its first phase, Stuxnet targeted the system of fuses controlling the uranium flow to the centrifuge units. In the second phase, the malware conducted an attack on the frequency converters system which was responsible for regulating the speed at which the uranium centrifuge units spin. The average speed was between 800 and 1200 rotations per second, but Stuxnet was able to accelerate it to 1410, which is the speed at which many uranium centrifuges crash. By the end of the operation, more than a quarter of the uranium centrifuge equipment had been destroyed, meaning 2000 units out of 8700. American analysts estimate that the Iranian nuclear program was disrupted for a period of 2 to 3 years.

Stuxnet proved how dangerous the scope of cyberattack capabilities can be, transforming the perception of cyberspace’s risks from only disruption and spying driven dangers, to attacks on critical infrastructure and military installations. There is no doubt that “with Stuxnet, cyberattack had entered a new era. The United States and Israel has crossed a line by deploying the world’s first known offensive cyber weapon”.[7] By deploying this weapon against Iran, the USA also transformed Iran’s perception of the internet.

Conclusion

Over the years, Iran’s evolving attitude towards the internet within specific historical contexts has emerged as a distinct approach. While the Iranian leadership views it as essential infrastructure for economic and communication development, it also seeks to control it tightly. This rigidity is derived from the two main reasons explained above: The authoritarian nature of the Iranian regime has no room for tolerating the competing narrative of the opposition facilitated by the emancipatory model of the internet. Iran was the first target of a cyber weapon by its enemies as a forerunner of the wider weaponization of the internet by the West. Both examples clearly explain Iran’s motives for adopting a very restrictive approach towards the internet and digital connectivity in general.

Endnotes:

[1] Special Report: Iran’s leader ordered crackdown on unrest – ‘Do whatever it takes to end it’, Reuters, December 23, 2019, https://www.reuters.com/article/us-iran-protests-specialreport/special-report-irans-leader-ordered-crackdown-on-unrest-do-whatever-it-takes-to-end-it-idUSKBN1YR0QR  

[2] Internet disrupted in Iran amid fuel protests in multiple cities, NetBlocks, November 15, 2019, https://netblocks.org/reports/internet-disrupted-in-iran-amid-fuel-protests-in-multiple-cities-pA25L18b

[3] Rebecca MacKinnon, Consent of the networked: the world-wide struggle for Internet freedom, (New York: Basic Books, 2012).

[4] Iran’s Twitter revolution, The Washington Times, June 16, 2009. https://www.washingtontimes.com/news/2009/jun/16/irans-twitter-revolution/

[5] Ghola Khiabany, “Citizenship and Cyber Politics in Iran,” in Digital Middle East: State and Society in the Information Age, ed. Mohamed Zayani (Oxford University Press, 2018), 217-237. 

[6] Fred Kaplan, Dark territory: The secret history of cyber war (New York: Simon and Schuster, 2016).

[7] Susan Landau, Listening In: Cybersecurity in an Insecure Age (Yale University Press, 2017), 70-71.