{"id":4998,"date":"2024-09-16T07:20:56","date_gmt":"2024-09-16T07:20:56","guid":{"rendered":"https:\/\/filter.watch\/english\/?p=4998"},"modified":"2025-06-03T08:40:50","modified_gmt":"2025-06-03T08:40:50","slug":"network-and-policy-monitoring-august-2024-crackdown-on-vpn-by-iranian-authorities","status":"publish","type":"post","link":"https:\/\/filter.watch\/english\/2024\/09\/16\/network-and-policy-monitoring-august-2024-crackdown-on-vpn-by-iranian-authorities\/","title":{"rendered":"Iranian Officials Tacitly Declare War on Circumvention Tools"},"content":{"rendered":"

In the past month, Iranian officials\u2014from Majles representatives to cabinet ministers and members of the Supreme Cyberspace Council\u2014have repeatedly pointed to circumvention tools as a major source of problems and insecurity in cyberspace. These developments suggest that Iranian officials see themselves as at war with these technologies and are planning accordingly.\u00a0<\/span><\/p>\n

Though such comments have precedent, it seems the new wave has been triggered by a recent report from the Communications Infrastructure Company. The report stated that in the 21-month period ending in summer 2024, it logged more than 430,000 DDOS attacks, 65% of which originated from infected devices or bot pools.<\/span><\/p>\n

Minister of Communications Sattar Hashemi has also joined the chorus of criticism of circumvention tools. According to Seyyed Javad Hosseini Kia, deputy Chair of the Majles\u2019 Industry Commission, Hashemi said such software was indefensible while advocating for his agenda in meetings with the Majles. \u201cCyberattacks have intensified because of the use of circumvention tools,\u201d Hashemi said.\u00a0<\/span><\/p>\n

Article 6 of the Directive to Investigate Methods of Increasing Domestic Traffic Share and Combatting Refinement-Breaking Tools (issued by the High Cyberspace Council) states that \u201cthe use of tools to break refinement is prohibited, except for those instances permitted by law.\u201d Given this, it appears that Iranian officials are preparing to act against circumvention tools in a serious way.<\/span><\/p>\n

Mohammad Amini Aghamiri, head of the National Cyberspace Center, has recommended two methods to reduce the use of circumvention tools in line with the aforementioned directive.\u00a0<\/span><\/p>\n

Aghamiri believes that either 1) private companies should negotiate with filtered platforms to offer filtered content with mediation, or 2) these companies should create an intermediate utility between users and filtered content to deliver only government-approved content to users.\u00a0<\/span><\/p>\n

Though Aghamiri gave no examples, Filterwatch highlighted one such technique in its April 25, 2024 report entitled \u201cNext-Generation Filtering: Phishing and Other Governable Models.\u201d<\/span><\/p>\n

The technique \u2013 very similar to the one outlined by Aghamiri \u2013 involves a fraudulent copy version of a service or site based outside Iran, which uses an intermediary to receive, investigate, and where necessary censor user requests before sending them to the primary service. Upon receipt, it also censors the primary service\u2019s response before making it available to the user.\u00a0<\/span><\/p>\n

Network Access<\/b><\/h4>\n

On August 27, Iran\u2019s communications network suffered general disruption. According to reports received by Filterwatch, users of Hamrah-e Aval and Iran Cell had severe difficulty connecting with circumvention tools from 1:30 PM local time.\u00a0<\/span><\/p>\n

Figures provided to Filterwatch by the technical division of the circumvention tool Lantern also show a pronounced drop in traffic from this service\u2019s users during the same period.<\/span><\/p>\n

\"\"<\/a>
Loading...<\/figcaption><\/figure>\n

Meanwhile, Cloudflare data indicates that HTTP protocol traffic,used for web browsing,as well as DNS contact, was disrupted at this time. Iran Cell and Hamrah-e Aval, Iran\u2019s two main cell operators, also suffered big drops.<\/span><\/p>\n

\"\"<\/a>
Loading...<\/figcaption><\/figure>\n

Minister of Communications Sattar Hashemi confirmed this disruption in a Twitter post, calling it a result of disturbances to the primary incoming internet lines running through Georgia. The disruptions also affected Armenia and Iraq, Hashemi said.<\/span><\/p>\n

Further investigations by Cloudflare Radar show that IPs registered in the communication spaces of Armenia and Georgia suffered disruptions at this time, indicating severe disturbance verging on total outage.<\/span><\/p>\n

\"\"<\/a>
Loading...<\/figcaption><\/figure>\n

On August 13, Shahryar Datashare (which belongs to ArvanCloud) experienced disruption, likely owing to an electrical outage. ArvanCloud owns 59% of Iran\u2019s cloud service market, and disruptions to the company have a big effect on users. Disruptions due to electrical outages have struck data centers since last month, and Regulatory Organization head Amir Lajevardi confirmed the outages had affected users of both cell and landlines.\u00a0<\/span><\/p>\n

According to Arvan Cloud Radar and Cloudflare Radar, Iran Cell\u2019s data center experienced disruptions most days of the past month. Filterwatch\u2019s field investigations inside Iran show that from at least August 22, disruptions to network protocols caused problems for Iran Cell users attempting to connect to the circumvention tool OpenVPN.<\/span><\/p>\n

The winter 2023-2024 report from the Regulatory Organization shows that Iran Cell controls 42% of the mobile internet market in Iran. Additionally, mobile internet users grew more rapidly than landline-based users during that period. This suggests that the Iran Cell disruption impacted nearly half of all internet users in the country.\u00a0\u00a0<\/span><\/p>\n

\"\"<\/a>
Loading...<\/figcaption><\/figure>\n","protected":false},"excerpt":{"rendered":"

In the past month, Iranian officials\u2014from Majles representatives to cabinet ministers and members of the Supreme Cyberspace Council\u2014have repeatedly pointed to circumvention tools as a major source of problems and insecurity in cyberspace. These developments suggest that Iranian officials see themselves as at war with these technologies and are planning accordingly.\u00a0 Though such comments haveContinue reading \"Iranian Officials Tacitly Declare War on Circumvention Tools\"<\/span><\/a><\/p>\n","protected":false},"author":40,"featured_media":5000,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[4],"tags":[208,209,211,210,185],"class_list":["post-4998","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-network-monitor","tag-circumvention-tools","tag-communications-infrastructure-company","tag-cyberattack","tag-sattar-hashemi","tag-supreme-cyberspace-council","entry"],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/posts\/4998","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/comments?post=4998"}],"version-history":[{"count":0,"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/posts\/4998\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/media\/5000"}],"wp:attachment":[{"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/media?parent=4998"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/categories?post=4998"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/filter.watch\/english\/wp-json\/wp\/v2\/tags?post=4998"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}