Over the past four weeks, the Iranian government completely shut down connections to the global internet while its forces killed thousands of anti-regime protesters around the country. The shutdown follows years of Tehran imposing connectivity filtering, digital curfews, and total blackouts as part of previous attempts to quell unrest. Over more than 15 years, the regime has developed technological and systemic mechanisms to fundamentally control connectivity in the country—including an internal Iranian intranet known as the National Information Network (NIN). But last month’s shutdown, which is partially ongoing, has shed new light on the Iranian regime’s control over internet connectivity and the reach of its digital surveillance capabilities.
Since it imposed an extensive, economically disruptive internet shutdown in 2019, researchers say, the Iranian regime has seemingly worked to refine its digital control playbook so the government can use the NIN to drastically limit and influence the flow of information to Iranians—and even selectively take down some internet access—without the problematic knock-on effects of plunging the entire country into digital darkness. Iran could be disconnected from the outside world, but the internal, state-controlled networks and infrastructure would keep operating.
Surprisingly, the recent shutdown, which started on January 8, took such a crude, blunt-force approach that it seemingly took down the NIN itself for multiple days. This drastic step raises serious questions, researchers say, about what will come next for Iranian connectivity, which is currently still extremely spotty and unstable around the country.
“For some reason, they did not go through their own playbook that has been refined for many years, and they did not execute the shutdown in a way where the NIN domestic network would continue to operate. They basically crippled everything,” a researcher from the internet freedom initiative Project Ainita told WIRED. (They requested anonymity to protect friends and relatives living in Iran.) “We don’t know why it was done this way, but from our vantage point looking at the graphs and the connectivity readings, it looked like there was a panic. It looked very impulsive, and it was very reminiscent of what we saw years ago in previous shutdowns to just pull the plug.”
In addition to its economic impacts, near-total connectivity blackouts eliminate the digital activity that the government would otherwise surveil—leaving a blank spot in the government’s intelligence about its citizens. But analysts say that the extent of the dragnet when connectivity is live is profound, particularly as the government further restricts the global internet and pushes the NIN.
Researchers from the US–based internet freedom and digital rights nonprofit Holistic Resilience released multiple reports on Monday analyzing the digital centralization, telecom infrastructure, and regulatory and legal mechanisms that allow the Iranian government to access virtually any data on the NIN including all communications.
The Islamic Revolutionary Guard Corps “either is a shareholder or a part owner of almost all telecom systems, which means that they have full control over how the information is being processed, and what type of information is being gathered,” says Holistic Resilience researcher Alex Moses. “There's been a systematic move to consolidate all of this data into a massive surveillance ecosystem. All of these individual systems together are part of a bigger picture of mass surveillance that's at an unprecedented level because of the total control from top to bottom of the infrastructure.”
The reports from Holistic Resilience spell out in detail how Iranian laws, regulations, technical infrastructure, interception systems, and other mechanisms are designed to assist in the surveillance of citizens and assert state control. These measures are often supported by companies, individuals, and state-affiliated hackers, the researchers found.