Iran building a private, isolated Internet, but can it shut out the world?
Can a country succeed in building its own Internet, essentially a nationwide intranet cut off from the rest of the online world?
That could be what Iran is planning to do, in an effort to create what’s been called a “Halal” Internet free of what it deems offensive content and Western influence, and on which it would be easier to identify and track users.
Speculation about Iran’s intentions has been around for a couple years, but the topic picked up steam recently with several reports, denied by Iran, that its national intranet could launch either in May, June or August this year.
The August date was based on a supposed interview circulated online with Reza Taghipour, Iran’s communications minister. The communications ministry later denounced that interview as a hoax serving "the propaganda wing of the West,” and denied plans to cut off Internet access, Agence France Presse reported April 10.
But Iran does have plans for a closed "national information network" that Taghipour in early April said would be completed by March 2013, according to AFP. At the time, he didn’t say whether it would run along side the Internet or whether the country would be closed off from outside communications.
Iran, which in the 1990s became the second Middle Eastern country, after Israel, to go online, has been trying to gain control of Internet traffic for some time, increasing censorship while building its internal network. In February 2011, during pro-democracy protests in the Middle East, an Iranian news agency reported that 60 percent of the nation's homes and businesses would soon be on the new network, which would cover the country within two years, the Wall Street Journal reported in December 2011.
A series of reports over the past year have stated that Iran was developing its own operating system, e-mail system and other tools to go with the new network, and that users would have to give their identities to the government in order to gain access.
Among the goals of the new network is clamping down on dissent, Western influences and material such as pornography, along with keeping outsiders from fanning the flames of protest, the WSJ reported in March. The country’s Supreme Leader Ayatollah Ali Khamenei created the Supreme Council of Cyberspace, made up of the heads of the country’s intelligence, militia and security ministries, the Iranian Revolutionary Guard Corps and media organizations to govern cyberspace within Iran, and have the power to enact laws, the WSJ said.
Along with censoring content and monitoring its users, Iran also is thinking in terms of security. In announcing the council, one of its members said, "We are worried about a portion of cyberspace that is used for exchanging information and conducting espionage," an apparent reference to the Stuxnet worm, which infected centrifuges in Iranian uranium processing facilities, disrupting the country’s nuclear program.
Meanwhile, Iran has continued cracking down on Internet activity, particularly on methods used to provide a measure of security and anonymity to users.
In October 2011, Iran reportedly moved to shift its domain name hosting in-house, in preparation for the new national network.
In February, the Electronic Frontier Foundation reported that Iran had begun blocking a number of services that use HTTPS, the Secure Sockets Layer-encrypted version of the HTTP protocol, used for secure transactions. The sites included banks, Gmail and some other Google services, Hotmail, Twitter and Facebook (when HTTPS is turned on).
The blockage led some to suggest turning HTTPS off to regain access, which the EFF warned was “dangerous advice that can expose Iranian users to government surveillance of their e-mail and other private data.”
Iran’s firewalls, increasing in strength, also blocked ports for Virtual Private Network tools, which have been another way users could get around being monitored.
And on April 6, the site War for the Web said Iran had started blocking traffic using Tor, a program that allows users to remain anonymous by masking their activities, which had been gaining popularity in Iran. “By blocking Tor traffic, Iran is basically telling its citizens that it will monitor their Internet traffic, and it will prevent them from disguising it,” the site said.
But do these acts add up to an effort to cut the country off from the rest of the Internet?
The WSJ report from December quoted experts on Iran as saying it was unlikely that Iran could completely cut itself off, and that it was more likely to run dual networks — with outside access for the privileged — like those used by repressive regimes in Myanmar and Cuba.
But there are also differences among those countries. Iran has a fairly well-developed Internet culture, while Myanmar and Cuba are poor countries that have always lagged behind.
Myanmar’s military government maintains tight control of the Internet through software-based censorship, hardware constraints, strict laws against what it deems misuse, and high prices for Internet access that keep most people offline.
Cuba maintains an outside network for government and tourism activities, but inside the country most people’s access is limited by low bandwidth, strict censorship and high prices. Cuba’s Internet penetration is estimated to be between 1 and 3 percent, among the lowest in the world.
Whether Iran will run dual networks or seal itself off is still up in the air (if nothing else, it does seem intent on eliminating anonymity), but how it implements its internal nationwide network will be closely watched — by free-Internet advocates, other repressive regimes and security professionals as well. The idea of an alternate Internet, for security reasons, has even been floated in this country.
At an event in Washington in May 2011, Steven Chabinsky, deputy assistant director of the FBI’s Cyber Division, suggested that an alternate network architecture that provides greater visibility and less privacy could be necessary to secure government systems.
In October, Shawn Henry, the bureau’s executive assistant director, echoed that call, saying that an alternate Internet accessible only by known, trusted identified parties could be the only way to deal effectively with the growth of cyber threats.
Kevin McCaney is editor of Defense Systems. Follow him on Twitter: @KevinMcCaney.