In the face of ongoing protests, the regime has decided to brutally stop Iranians from accessing the global network. A measure made possible by the architecture of the Iranian network, explains the researcher Frédérick Douzet.
Since November 16, Iran has made an unprecedented cut of the Internet. In order to fight the ongoing protests in the country, the Iranian government announced on Tuesday, 19 November, that it did not want the Internet to be "Misused" by the population. The country's operators (there are three – IPM, ITC and TIC – directly controlled by the regime) have blocked, within a day, access to almost all connections between Iran and outside.
If a form of local Internet remains good, accessible to government agencies and some banks or businesses, the population can no longer exchange on the Internet with the rest of the world, and vice versa. Access to international services and applications, based on servers outside Iran (search engines, social networks …), no longer work. As a result, Iran's share of connectivity to the Internet has been in the range of 5% of its usual activity in recent days, according to measurements taken from outside the country by the NGO NetBlocks.
Update: #Iran has now been offline for 52 hours following a government-imposed internet shutdown targeting widespr … https://t.co/EC7GLyJOps
Such blocking of the Internet at the country level has been made possible by the specificities of the Iranian network infrastructure, explains World Frédérick Douzet, professor at the French Institute of Geopolitics (Paris-VIII) and director of Geode (a multidisciplinary research and training center dedicated to the strategic and geopolitical issues of digital technology). She answered our questions on the subject, Wednesday, November 20, with the help of Loqman Salamatian, Kavé Salamatian and Kévin Limonier – a team of researchers, geographers, computer scientists and mathematicians, who studied the structure of the Iranian Internet network.
What have the Iranian authorities done to effectively cut off Internet access for the population?
The Iranian network is connected to the global Internet by only three entry points. These three entry points are operators (IPM, ITC, ICT) controlled by the state, which can cut off access to the global network. The Iranian network has been reconfigured in recent years to allow these three operators to select categories of traffic that can flow between the inside and outside of the network, or block them completely. This does not prevent the network from continuing to operate internally.
Can you describe how this architecture of the Iranian network was designed?
The Internet is a network of multiple, interconnected, independent networks. They are interconnected through a series of physical connections and a stack of protocols that allow them to exchange digital data packets. The Iranian network is designed to allow authorities to control the paths that data takes to block them selectively. Inside the Iranian network, the connections are rich and provide good resilience, because data can travel a multitude of different paths to get from one point to another. The passage to the outside, on the other hand, is under control and is limited to a few paths. It is a form of territorial control of the digital space. Like what, in the digital age, geography, it still serves to make war!
Can we know, from the outside, the services, applications, sites that are no longer accessible to Iranians?
It is very difficult to measure. That said, the Internet is bidirectional, so service and application providers may see a decline in their traffic from Iran. Similarly, platforms like Alexa, which track the origin of traffic to the most visited sites in the world, can give indications. Finally, we can measure the paths taken by the data and find that there are not any more to Iran. It is this type of measurement that has enabled us, in the context of interdisciplinary research, to understand the geography of the network and the state strategy it reveals.
Can Iranians use solutions such as Virtual Private Network (VPN) or proxys (a program to connect to the Internet through intermediaries) to get around the current block?
As part of the current blocking, VPNs would not be of much help because the blocking operation is very sophisticated. The satellite connection could be a solution, but it is hardly accessible for the Iranians. The proximity of a border can potentially allow a connection to a neighboring foreign network.
Is the current situation of Iranians comparable to the way the Internet works in China?
China has designed its network from the outset in such a way as to limit the connection points to the outside, in order to control the contents circulating in cyberspace. Russia is now looking to map its networks to understand how to regain sovereign control over the flow of data. Hence the announcement of an attempt to disconnect the global Internet on 1st April. Iran shows that it has already managed to reconfigure its network to better control it.
Are other countries able to cut off Internet access to their inhabitants in twenty-four hours?
In France or in the United States, the network was built in a free and open, totally decentralized way, in order to favor the circulation of data. It is connected to the rest of the world by multiple channels that we can not close abruptly. Russia is not yet able to do that, but it seems like a goal. In Iran, it is especially a first by the level of sophistication of the cut.
The fact that a country can block such a large scale, and so quickly, threatens the existence, or the balance, of the global Internet network?
We are in a context of strategic competition in which states use cyberspace as a tool of power and assertion of power, at the risk of threatening its stability. Routing is an essential infrastructure for the proper functioning of the Internet but also a real point of vulnerability. That is why, with the World Commission on Cyberspace Stability, we have proposed protecting the public heart of the Internet, which is in the European Cybersecurity Act.