In April, Mikko Hypponen, Chief Research Officer of F-Secure, a Finnish computer security firm, received an unusual email. It came from a scientist working at the Atomic Energy Agency of Iran, and read:
I am writing you to inform you that our nuclear program has once again been compromised and attacked by a new worm with exploits which have shut down our automation network at Natanz and another facility Fordo near Qom.
According to the email our cyber experts sent to our teams, they believe a hacker tool Metasploit was used. The hackers had access to our VPN. The automation network and Siemens hardware were attacked and shut down. I only know very little about these cyber issues as I am scientist not a computer expert.
There was also some music playing randomly on several of the workstations during the middle of the night with the volume maxed out. I believe it was playing 'Thunderstruck' by AC/DC.
Hypponen was never able to confirm the claims. But the incident followed a spate of other attacks on Iranian infrastructure, like the Stuxnet “cyberweapon,” which infected systems at the Natanz nuclear enrichment plant in 2010 and crippled several thousand centrifuges in the process.
Now, it seems that the Iranians have had enough. Last week, Reza Taqipour, Iran’s Minister of Communication and Information Technology, called the global Internet “untrustworthy” and announced plans to disconnect key government ministries from the worldwide web by September.
"The regime no longer fears a physical attack from the West," Mahmood Enayat, director of the Iran Media Program at the University of Pennsylvania's Annenberg School of Communications, told the Wall Street Journal recently. "It still thinks the West wants to take over Iran, but through the Internet."
Commandeering nuclear sites through the use of technology is one way to “take over” a country. However, certain websites seem to stoke the Iranian government’s fears just as much.
"We have identified and confronted 650 websites that have been set up to battle our regime -- 39 of them are by opposition groups and our enemies, and the rest promote Western culture and worshiping Satan, and stoke sectarian divides," conservative cleric Hamid Shahriari said in March. “We are worried about a portion of cyberspace that is used for exchanging information and conducting espionage.”
To that end, Iran’s Ministry of Communications and Technology has announced the launch of a domestic intranet -- a completely closed loop that would leave Iranian citizens without online access to the rest of the world.
What would this mean for a country like Iran, which, according to Rafal Rohozinsky, a principal founder of the OpenNet Initiative, had the largest concentration of mainframe computers outside the US in the 1970s, boasted a full IBM (IBM) division in Tehran, and is more connected than anywhere else in the Middle East, save Israel? Can a nation simply flip a switch and disconnect itself from the web?
Pulling the Plug Is Simple to Do
Dr. Craig Labovitz, the co-founder and president of Ann Arbor, Michigan’s DeepField Networks and a former scientist at Microsoft (MSFT), worked on the team that actually constructed the worldwide web. He says that while there “are elements of truth” in the popular perception that the Internet is indestructible, the reality is quite different.
“The Internet really is not that hard to take down,” he tells me. “I personally broke the US Internet on a couple of occasions.”
While working on the precursor to the commercial Internet we know today, Labovitz says something as pedestrian as the occasional mistake in a line of code caused him to “knock off most of the colleges and universities in America.”
“There were a lot fewer people back then to notice,” he tells me. “And it was very brief -- a couple of minutes at most, before the calls started coming in. It’s not magic -- you could literally just cut the cable, issue a few commands and disconnect. At the end of the day, the Internet is just wires in the ground.”
However, while it may be technically possible to disconnect a country from the Internet fairly easily, Labovitz concedes that the reality would be incredibly difficult.
“The challenge isn’t technical, it’s really economic and social,” he says. “If Iran were to cut itself off from the Internet, it would have a massive overall impact.”
Indeed, says Eva Galperin, International Freedom of Expression Coordinator at the Electronic Frontier Foundation, “complete disengagement from the greater Internet is not politically or practically feasible.”
“It is doable, as the Iranian government controls all the ISPs in the country, but the potential costs are enormous,” Galperin tells me. “By keeping them within the country, they maintain control. One tactic the government has used has been to create parallel tools that people find useful, with servers located within Iran. They’ve been working on a clone of Google (GOOG) Earth, a clone of Twitter, a clone of Facebook (FB), which lets them surveil all the users. But if Iran would like to continue doing any form of international banking, for example, they need the Internet.”
The “Halal Internet,” as it has been dubbed, “looks like a plan to completely cut off Iran from any ties to the Internet,” says Galperin, “but in actuality, it is clear that it is quite a bit more difficult than they anticipated.” (It was supposed to be up and running this month.)
But It's Hard to Replicate the Real Thing
In fact, Mahmood Enayat of the Iran Media Program doubts the Iranian regime will ever fully implement a closed intranet within the country. He believes the government could order a “just-in-time” shutdown of the Internet “if the political situation warranted it, if the leaders are threatened by people using the Internet to ‘destabilize,’” though the country simply wouldn’t be able to function that way on an ongoing basis.
“To give access to two million users at the same time, Iran requires two things,” Enayat tells me. “One, sophisticated enough hosting inside the country that could cater to a large number of users. Iran doesn’t have that, and the main reason is the sanctions that are in place -- they can’t buy the servers and equipment necessary to run this sort of thing. Two, they don’t have the knowledge or the experience to serve the entire population.”
As Eva Galperin explained, controlling the entire population on an unescapable domestic intranet would entail Iran’s clone programs replacing the full complement of applications currently used. What would an Iranian Yahoo (YHOO) look like? Or an Iranian YouTube? Not particularly impressive, according to Mahmood Enayat.
“You need to offer content, which Iran doesn’t have,” Enayat says. “If you can’t use Gmail, if you can’t access news sites, what are you going to offer people? Take a look at Aparat.com. It’s Iran’s version of YouTube. No one uses it; it’s a really bad user experience.”
Realistically, Enayat says it's "almost easier to build a nuclear bomb than a better version of Gmail." Thus, even Iran’s leadership doesn’t seem to stoop to the level of their homegrown technology.
“The last time Iran blocked access to encrypted websites, there was a big debate in parliament,” Enayat tells me. “One MP said, ‘We can’t access our Gmail while you’re doing this.' And Khameini himself is on Instagram
There are some who say the ongoing cyberwar between the West and Iran can continue unabated, Internet connectivity or not. As one of the architects of the Stuxnet operation told David Sanger, author of the book Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power, that virus was carried into the plant on a USB thumb drive by a worker.
"That was our holy grail," he said. "It turns out there is always an idiot around who doesn’t think much about the thumb drive in their hand."