DUBAI, United Arab Emirates: Guns drawn, Iranian intelligence agents rushed into the apartment of a Washington Post reporter and his journalist wife in Tehran.
Threatening to kill Jason Rezaian in front of his wife, Yeganeh, the 20 agents in the July 2014 raid tore through their belongings and rifled through drawers, clothes and valuables for an hour.
But perhaps their most eagerly sought target wasn’t exactly inside the house: They forced the couple to hand over the passwords to their email and social media profiles.
That raid demonstrated how much of a threat Iran’s theocratic government sees in the Internet. It has long sought to strictly control cyberspace and social media — and, thereby, the flow of information to the public.
But the Islamic Republic’s relationship with the world wide web is far more complicated than simple repression. Over the past four years, authorities have encouraged wider use of the Internet among Iranians, hoping to generate the benefits of a more modern economy. As a result, nearly half the population has in its pockets a tool that the state is struggling to constrain: smartphones, with cameras and Internet links that let anyone broadcast to the world.
Those smartphones helped spread the startling burst of protests across Iran that opened 2018. The government succeeded in suffocating the flare-up in part by shutting off key social media and messaging apps, but the lesson was clear: The same oxygen that can resuscitate commerce can also give breath to potential revolt.
Authorities’ solution has been to create a so-called “halal net,” Iran’s own locally controlled version of the Internet aimed at restricting what the public can see.
As Iran approaches the 40th anniversary of the revolution that brought its cleric-led rule to power, how it handles the power of cyberspace will be crucial to its future, determining whether it moves to greater openness or seals itself off from the world.
“The Islamic Republic is not black and white. It shows a myriad of contradictions and its Internet policy ... is one of the great examples of those contradictions,” said Sanam Vakil, an associate fellow at Chatham House who studies Iran. “The government has taken the Internet and effectively used it for its own purposes and also has realized the dangers of it as well.”
Since the 1979 Islamic Revolution, how information spreads across mass media has been tightly controlled.
All television and radio broadcasts within Iran are from state-run stations. Satellite dishes remain ostensibly illegal, though they are plentiful, drawing occasional attacks from bat-wielding government enforcers. Journalists face restrictions in what they can cover and where they can travel across a country of 80 million people that’s nearly two-and-a-half times the size of Texas.
The Internet helped collapse that distance. During Iran’s 2009 protests surrounding the disputed re-election of hard-line President Mahmoud Ahmadinejad, still nascent social media spread word of the events among Iranians and brought videos of the shooting death of 26-year-old Neda Agha Soltan to the world.
Iran’s government, overseen by Supreme Leader Ayatollah Ali Khamenei, violently suppressed the demonstrations. The crackdown killed dozens and saw thousands imprisoned, with some tortured by their jailers.
Even before the 2009 protests, Iran blocked access to YouTube. Twitter and Facebook followed amid the unrest, as did many other sites later. Some in Iran began using virtual private networks, or VPNs, which allow users to bypass government censorship.
The chief difference between then and the protests that rocked the country coming into 2018 was the massive proliferation of smartphones. As recently as 2014, only an estimated 2 million Iranians possessed one. Today, estimates suggest Iranians own 48 million.
That explosive growth was spurred by the administration of President Hasan Rouhani, a cleric who is a relative moderate within Iran’s system. His officials allowed more mobile phone service providers to offer 3G and 4G Internet, suddenly making sharing photos and images possible. Home Internet connections became faster. The encrypted messaging platform Telegram spread like wildfire. Over 40 million Iranians are estimated to use it, for everything from benign conversations to commerce and political campaigning.
In the recent unrest, protesters used Telegram’s mass-messaging channels to share information and videos across 75 cities and towns where demonstrations erupted. Some showed people openly in the streets shouting, “Death to Khamenei!” It shocked many, especially as such cries could bring a death sentence.
When the government temporarily blocked Telegram as well as Instagram, it helped smother the protests within days. Notably, however, Telegram’s silencing quickly brought complaints from businesspeople who use its channels to promote and sell their goods.
Even after the unrest, Rouhani argued it was futile trying to shut off an indispensable tool of modern life.
“If you want cyberspace to be useful to the community, come forward with a solution using it to promote the culture instead of blocking it,” he said, noting that past Iranian government tried to stop people from listening to the radio “but this prevention was useless.”
The danger — and potential — of the Internet as a weapon came into focus for Iran when it faced the world’s first cyberweapon almost a decade ago.
At the height of tensions between Tehran and the West over its nuclear program, thousands of centrifuges enriching uranium at Iran’s underground Natanz facility suddenly began spinning themselves to death. They had been hit by the Stuxnet computer virus, widely believed to be an American and Israeli creation.
Material leaked by Edward Snowden, the former National Security Agency contractor who exposed US government surveillance programs in 2013, suggested Iran at the time was the country where American spies collected the most electronic data.
Beginning in 2011, Iran worked to strike back.
Among the most spectacular cyberattacks attributed to Iran is Shamoon, a virus that hit the state-run giant Saudi Arabian Oil Co. and Qatari natural gas producer RasGas, deleting hard drives and displaying a picture of a burning American flag on computer screens. Saudi Aramco ultimately shut down its network and destroyed over 30,000 computers. A later iteration of Shamoon in late 2016 caused even more damage.
The US blames Iranian hackers for a denial-of-service attack that overwhelmed six major American banks in 2012. US prosecutors in 2016 accused hackers believed to be backed by Iran of attacking dozens of banks and a small dam near New York City. They also have been suspected of targeting the email and social media accounts of Obama administration officials.
Analysts and security experts believe many of these hackers likely receive backing from Iran’s Revolutionary Guard, a powerful paramilitary and economic force in the country answerable only to Khamenei himself.
The Guard employs more direct means as well, like its wresting away of the passwords of Rezaian and his wife, recounted in a lawsuit he filed against the Guard and Iran in US federal court.
Similarly, it seized control of the Facebook and email accounts of Iranian-American dual national Siamak Namazi, who remains detained in Iran along with his octogenarian father Baquer. The Guard then pretended to be Namazi in correspondence with US government officials and others, like New Yorker journalist Robin Wright, tricking them into opening a file that gave the hackers access to their computers.
Cyberespionage is even used in Iran’s internal rivalries, with attacks on members of the government, particularly officials in Rouhani’s Foreign Ministry, including Zarif, according to a recent report by the Carnegie Endowment for International Peace.
“The targeting of members of government — individuals that have already been vetted by the regime — reflects the importance of cybersurveillance as a tool of the hard-line security establishment to monitor potential rivals for power,” the report said.
Then Iran moved to target the Internet itself.
The idea of Iran setting up its own “halal,” or “permissible,” Internet first came in 2011 in the wake of the 2009 protests. It’s evolved into what’s known as the National Information Network.
It is essentially a net neutrality supporter’s nightmare: The network has some 500 government-approved national websites that stream content far faster than those based abroad, which are intentionally slowed, according to a recent report by the Campaign for Human Rights in Iran. Service providers offer cheaper packages to customers accessing only the NIN websites. Search results also are gamed within the network, allowing the government to censor what users find.
One of the principal designers of the network is the Iran Telecommunications Co., owned by proxies of the Guard.
It resembles in a way China’s “Great Firewall,” which blocks access to thousands of websites, from Facebook to Twitter to some news outlets. Chinese Internet users also find access to websites outside of the country slower.
“Iran’s National Information Network may lack the name cachet of the ‘Great Firewall,’ but its performance in strangling access to opposition content during the most recent protests proved that Iran is hard on China’s heels in terms of controlling the flow of information,” the private US intelligence firm Stratfor wrote in a Jan. 17 analysis.
Firuzeh Mahmoudi, the executive director of the San Francisco-based group United for Iran, said authorities have had success in getting businesses to operate on the NIN. The more they do so, he warned, “the easier it will be for them to shut down or throttle the real Internet when they want to.”
Hard-liners have suggested removing Iran entirely from the Internet and creating its own at home.
“Cyberspace was the kindling in the fire of the battle,” hard-line cleric Ayatollah Ahmad Khatami recently told worshippers at Friday prayers in Tehran. “When cyberspace was closed down, the sedition was stopped. The nation does not support a social network that has its key in the hands of the United States.”
Amid the protests, the Trump administration said it wanted to help Iranians access the Internet. The US Treasury sanctioned the Guard, Iran’s Supreme Council of Cyberspace and other officials for “engaging in censorship.”
Top Trump administration officials have met with Google, Facebook, Twitter and other leading tech companies to ask what more they can do to help people in Iran and other authoritarian-run countries communicate freely, according to US officials briefed on the meetings.
But fear of crossing US sanctions has made companies skittish. Some firms don’t allow their services to be used in Iran. That prevents Iranians from accessing many encrypted communication apps or VPNs.
Even when the Trump administration has floated the possibility of easing some sanctions or offering carve-outs, some tech companies have been reluctant to offer more services in Iran, said the officials, who weren’t authorized to discuss the conversations and demanded anonymity.
So it remains in question whether Iranians will have access to an open Internet if anger over the economy boils over into protests again, as many predict it will.
“We believe that the US government could do more to enable the free flow of information in Iran and establish a thriving entrepreneurial civil society independent of the regime,” said Morad Ghorban of the Washington-based Public Affairs Alliance of Iranian Americans. “This movement has continued despite persecution by hard-line elements.”