Iran’s internet down amid reports of U.S.-Israel cyberattacks
Mirşad Saraylic | Istock | Getty Images
Iran is facing a severe internet outage affecting its population of more than 90 million as the country’s conflict with the United States and Israel continues.
According to the report, the country has now experienced an almost complete internet outage for more than 60 hours. data Independent internet watchdog NetBlocks posted on Tuesday that connectivity was at about 1% of normal levels.
NetBlocks attributed the outage to a nationwide internet blackout “imposed by the regime”, but the country’s government had no comment.
Internet shutdowns have been used in the past during periods of social unrest. A similar near-blackout was implemented for several weeks in January amid widespread protests in the country.
Internet analyst Doug Madory said in a statement that any limited activity could be due to Tehran’s “whitelisting” system, which grants internet access to groups loyal to the government and essential to its operations. to mail In X.
Other analysts said additional factors may have contributed to the internet outage.
“While the actual cause is still unclear, it is almost certain that it is a combination of both state-ordered suppression and external cyber disruptions,” Kathryn Raines, cyber threat intelligence team leader at intelligence platform Flashpoint, told CNBC.
“Historically, the Iranian regime’s tactic in times of crisis is to cut off internet access to control the internal narrative and mask internal security pressures,” he said.
“However, we also know that simultaneous US-Israeli cyber operations deliberately targeted telecommunications infrastructure to disrupt the Islamic Revolutionary Guard Corps’ (IRGC) command and control networks during kinetic attacks.”
US-Israeli cyber attacks
Reports suggest that in addition to airstrikes, US and Israeli actors have also carried out cyber attacks on Iranian facilities and infrastructure.
By the way According to Reuters, US-Israeli actors targeted several government-affiliated Iranian news sites with hacks and cyberattacks.
These attacks also included BadeSaba Calendar, a popular religious calendar app downloaded more than 5 million times, which displayed warnings urging the armed forces to “lay down their weapons and join the people” and saying “It is time for reckoning.”
Flashpoint’s Raines told CNBC that they observed Iranian users taking screenshots of unauthorized push notifications.
Raines said user-generated evidence confirms that in at least one case, cyber and psychological warfare campaigns successfully bypassed Iranian state censors before the regime locked down the network.
U.S. Cyber Command did not respond to requests for comment. CNBC could not reach BadeSaba’s owners for comment.
Iranian state television in January reportedly A video briefly showing the speeches of US President Donald Trump and the exiled son of the last shah of Iran calling the people to revolt was hacked.
Cyber retaliation?
Analysts say the lack of internet connectivity in Iran will further increase the fog of war, with citizens in the region unable to communicate with their families, document events or receive real-time updates on the conflict.
Cybersecurity firms have warned that Iran is likely to respond to cyberattacks carried out directly by the government or its proxy groups.
In a statement shared with CNBC, CrowdStrike’s head of counterattack operations, Adam Meyers, said the firm was “already seeing activity consistent with reconnaissance and attempts by threat actors and hacktivist groups affiliated with Iran.” [denial-of-service] attacking.”
“These behaviors often precede more aggressive operations,” Meyers said.
“In past conflicts, Tehran’s cyber actors have aligned their activities with broader strategic objectives that increase pressure and visibility on targets including energy, critical infrastructure, finance, telecommunications and healthcare.”
In a law enforcement bulletin reportedly Released shortly after the US attacks began, the Department of Homeland Security warned that Iran-linked hacktivists could carry out low-level cyberattacks against US networks, but said a large-scale physical attack was unlikely.
Attacks from Iran’s proxy groups are more likely than a coordinated, top-down state response, with attacks weakening Tehran’s central command, according to Flashpoint’s Raines.
Regardless, he said, the conflict showed that cyber operations were no longer a secondary domain but a fully integrated weapon of hybrid warfare.
“I foresee the blowback from this physical conflict being fought primarily in cyberspace long after the missiles have stopped falling.”
