Stay Updated Icon

Subscribe to Our Tech & Career Digest

Join thousands of readers getting the latest insights on tech trends, career tips, and exclusive updates delivered straight to their inbox.

Iran Confirms National Internet Shutdown to Counter Israeli Cyberattacks Amid Escalating Tensions

5:39 AM   |   21 June 2025

Iran Confirms National Internet Shutdown to Counter Israeli Cyberattacks Amid Escalating Tensions

Iran Confirms National Internet Shutdown to Counter Israeli Cyberattacks Amid Escalating Tensions

In a significant development underscoring the escalating digital dimension of the conflict between Iran and Israel, Iran's government has officially confirmed its role in the recent, near-total national internet blackout. The shutdown, which plunged virtually the entire country offline earlier this week, was initially met with confusion and speculation regarding its cause and perpetrator. Now, Tehran states the drastic measure was a necessary defensive action taken to safeguard critical national infrastructure against what it describes as a wave of Israeli cyberattacks.

The internet went dark across Iran, severely impacting the ability of its citizens to access information about the ongoing conflict with Israel, communicate with family and friends both domestically and internationally, and conduct daily online activities. Web monitoring firms quickly reported the widespread disruption, noting the unprecedented scale of the outage. As reported by TechCrunch, the event was described as a "near-total national internet blackout," highlighting its severity and reach.

Government Justification: Security Concerns and Cyber Threats

Fatemeh Mohajerani, the spokesperson for Iran's government, was quoted in local media explaining the rationale behind the shutdown. Her statements reveal a direct link between the internet restrictions and perceived threats emanating from cyber operations attributed to Israel. "We have previously stated that if necessary, we will certainly switch to a national internet and restrict global internet access," Mohajerani stated, emphasizing security as the primary concern.

She elaborated on the nature of the threats, citing ongoing cyberattacks targeting the country's critical infrastructure and disruptions affecting essential services like banks. "Many of the enemy’s drones are managed and controlled via the internet, and a large amount of information is exchanged this way," she added, suggesting that the internet was being used as a conduit for military or intelligence operations against Iran. Furthermore, she referenced a recent hack on a cryptocurrency exchange as another factor influencing the decision to impose restrictions.

This official acknowledgment marks a departure from typical responses to internet disruptions in Iran, which are often attributed to technical issues or remain unexplained. By framing the shutdown as a defensive maneuver against foreign aggression, the government seeks to legitimize an action that has profound implications for civil liberties and economic activity.

The Shadowy Hand of Predatory Sparrow

Mohajerani's reference to specific cyber incidents points directly to the activities of Predatory Sparrow, a mysterious hacking group that has repeatedly targeted Iranian entities. This group, also known by its Farsi name "Gonjeshke Darande," has claimed responsibility for several high-profile disruptions within Iran, asserting its actions are aimed at harming the ruling regime. While the group purports to be pro-Israel hacktivists, the exact nature of their affiliation and capabilities remains a subject of speculation among cybersecurity experts and intelligence analysts.

Predatory Sparrow has a track record of successfully disrupting key services in Iran. Notable past incidents include attacks on gas stations, causing widespread chaos and long queues, and disrupting operations at steel plants, impacting industrial output. These actions demonstrate a capacity to strike at vital sectors of the Iranian economy and infrastructure, going beyond mere data theft or defacement.

The recent incidents cited by the Iranian government, the hacks on Bank Sepah and the cryptocurrency exchange Nobitex, align with Predatory Sparrow's stated objectives and past targets. The attack on Bank Sepah, a major state-owned bank, and Nobitex, one of Iran's largest crypto exchanges, would likely be seen by the government as direct assaults on the country's financial stability and critical infrastructure, providing the immediate pretext for the internet shutdown. The group's history of disruptive attacks is well-documented, including a timeline of their activities covered by Wired.

The Concept of a "National Internet"

The Iranian government's mention of potentially switching to a "national internet" is not a new concept in the country. For years, Iran has been working on establishing a National Information Network (NIN), sometimes referred to as a "halal internet" or intranet. The stated goal of the NIN is to provide a secure, high-speed domestic network for internal communications and services, independent of the global internet. Proponents argue it enhances national security and promotes local content. Critics, however, view it as a tool for greater state control, censorship, and isolation from the outside world.

A national internet infrastructure would theoretically allow the government to wall off the country's digital space, controlling the flow of information and communication more effectively than filtering or blocking specific websites or services on the global internet. In times of perceived crisis or unrest, switching to the NIN could enable the government to maintain internal communications and essential services while cutting off access to international platforms like social media, foreign news sites, and encrypted messaging apps, which are often used for organizing protests or disseminating information outside state control.

The recent shutdown suggests that Iran may have activated or partially activated components of this national network, or at least demonstrated the capability and willingness to disconnect from the global internet when deemed necessary for security reasons. While a complete and seamless transition to a fully functional national internet remains a complex technical and logistical challenge, the blackout serves as a stark reminder of the government's intent and potential to exercise ultimate control over digital connectivity.

Human Impact: Cut Off in a Time of Crisis

While the government frames the internet shutdown as a necessary security measure, the immediate and profound impact on the lives of ordinary Iranians cannot be overstated. In the midst of heightened tensions and Israeli bombardments, access to reliable information and the ability to communicate are not luxuries but necessities. The blackout has severed these vital links, leaving many feeling isolated and vulnerable.

Amir Rashidi, director of cybersecurity and digital rights at Miaan Group, shared a poignant personal account with TechCrunch, highlighting the human cost. His family had evacuated Tehran due to warnings of impending Israeli strikes in their neighborhood. The internet shutdown meant he lost contact with them, leaving him anxiously awaiting updates through indirect means. "I haven’t heard from them in two days, but someone is supposed to update me. I hope everything is okay," Rashidi said, illustrating the emotional toll of being unable to reach loved ones during a crisis.

The communication breakdown extends beyond the internet. According to Rashidi, even traditional phone calls from outside the country to inside were cut off, resulting in meaningless recorded messages for those attempting to connect. This near-total communication black hole underscores the severity of the restrictions imposed.

Nariman Gharib, an Iranian activist and independent cyber-espionage investigator based in the U.K., corroborated the widespread nature of the shutdown. He noted that only a small fraction of the population, primarily those with advanced technical skills or fortunate enough to have specific types of connections, were able to bypass the restrictions using tools like virtual private servers (VPS) as proxies. "There aren’t that many people able to get online," Gharib told TechCrunch, emphasizing that even for tech-savvy individuals, maintaining connectivity was extremely difficult due to the comprehensive nature of the shutdown.

The inability to access information is another critical consequence. During a conflict, the internet is a primary source for real-time updates, safety information, and news from diverse sources. A blackout leaves the population reliant solely on state-controlled media, hindering their ability to make informed decisions about their safety and well-being. It also prevents the outside world from receiving unfiltered accounts of events happening within the country.

Cyber Warfare as a Dimension of Geopolitical Conflict

The incident highlights the increasing role of cyber operations in modern geopolitical conflicts. States and state-sponsored actors are actively engaged in cyber espionage, sabotage, and disruption campaigns targeting adversaries' critical infrastructure, economies, and information systems. The conflict between Iran and Israel has long had a significant cyber dimension, with both sides reportedly engaging in offensive and defensive cyber activities.

Cyberattacks offer several advantages in conflict: they can be deniable, cause significant disruption without kinetic force, and are often less costly in terms of human lives on the attacking side. However, they also carry risks, including unintended consequences, escalation, and the potential for attacks to spill over and affect civilian populations or global systems.

Predatory Sparrow's attacks, if indeed linked to Israeli interests, represent a form of disruptive cyber activity aimed at pressuring the Iranian regime by impacting its infrastructure and economy. Iran's response, the national internet shutdown, can be seen as a defensive measure, albeit one with severe collateral damage to its own population. It reflects a strategic choice to prioritize national security and control over information flow, even at the cost of widespread disruption and isolation.

The decision to shut down the internet on a national scale is a drastic measure typically reserved for moments of extreme perceived threat or internal unrest. It requires significant technical capability to implement and has far-reaching consequences. It disrupts businesses, education, healthcare, and personal communications. It also raises serious human rights concerns regarding freedom of expression and access to information, rights enshrined in international law.

Historical Context of Internet Control in Iran

Iran has a long history of implementing internet censorship and control measures. Following the 2009 protests, the government significantly ramped up efforts to filter content, block websites, and monitor online activity. The development of the National Information Network has been a key part of this strategy, aiming to create a more controlled digital environment.

Past internet disruptions in Iran have often coincided with periods of political sensitivity or public dissent. While previous outages might have been localized or targeted specific platforms, the recent event appears to be one of the most comprehensive national blackouts in recent history, underscoring the heightened state of alert and the government's willingness to employ extreme measures in the face of external cyber threats.

The government's narrative that the shutdown is purely a defensive response to cyberattacks is likely aimed at justifying the action domestically and internationally. However, critics argue that such broad restrictions disproportionately harm the civilian population and serve to consolidate the government's control over information during a critical period. The dual-use nature of internet control measures – ostensibly for security but also effective for censorship – makes it difficult to disentangle the stated reasons from broader political motivations.

Technical Mechanisms of a National Blackout

Implementing a near-total national internet shutdown involves complex technical maneuvers. Governments can achieve this through various means, often in combination:

  • **Border Gateway Protocol (BGP) Manipulation:** Internet service providers (ISPs) within a country can withdraw their BGP route announcements, effectively making their networks unreachable from the global internet. This is a highly effective way to disconnect a country from the rest of the world.
  • **DNS Filtering/Blocking:** Blocking access to international Domain Name System (DNS) servers prevents users from resolving domain names (like google.com) into IP addresses, making websites inaccessible.
  • **IP Address Blocking:** Directly blocking ranges of IP addresses associated with foreign services or content providers.
  • **Throttling Bandwidth:** Severely reducing the speed of internet connections, making it practically unusable for most applications.
  • **Controlling Internet Exchange Points (IXPs):** IXPs are physical locations where different networks connect. Controlling or shutting down IXPs can disrupt traffic flow.
  • **Directives to ISPs:** The government can issue mandatory directives to all domestic ISPs to implement these technical measures simultaneously.

A "near-total" blackout, as described, suggests that while the primary global connectivity was severed, some limited access might remain through specific channels, perhaps for essential government functions or through loopholes utilized by a small number of users, as noted by Nariman Gharib regarding VPS proxies or lucky ADSL connections. However, for the vast majority of the population, the effect is one of complete digital isolation.

Implications and Future Outlook

The Iranian government's confirmation of the internet shutdown and its stated reasons have several significant implications:

  • **Escalation of Cyber Conflict:** It signals a potential escalation in the cyber dimension of the Iran-Israel conflict, where state-level responses now include national-level internet control.
  • **Prioritization of Security over Connectivity:** It demonstrates the government's willingness to impose severe restrictions on its population's digital access when it perceives a significant national security threat.
  • **Advancement of National Internet:** The event may accelerate efforts to build and rely upon the National Information Network, further isolating Iran's digital space.
  • **Humanitarian Concerns:** It raises serious concerns about the human rights implications of denying a population access to information and communication, particularly during a crisis.
  • **Economic Impact:** Such shutdowns cripple online businesses, financial transactions, and remote work, causing significant economic damage.

The incident serves as a stark reminder of the power governments hold over digital infrastructure and the vulnerability of populations to state-imposed blackouts. As cyber warfare becomes more sophisticated and integrated into geopolitical strategies, the weaponization of internet access is likely to remain a contentious issue, with significant consequences for global connectivity, human rights, and international relations.

The situation in Iran underscores the urgent need for international attention on the norms of behavior in cyberspace, particularly concerning attacks on critical infrastructure and actions that disproportionately harm civilian populations. While states have a right to defend themselves against cyber threats, the measures taken must be proportionate and avoid violating fundamental human rights, including the right to freedom of expression and access to information, which are intrinsically linked to internet access in the modern world.

As the conflict between Iran and Israel continues to unfold across multiple domains – military, political, and cyber – the digital battleground remains highly active. The internet shutdown, confirmed by the Iranian government as a defensive response to cyberattacks, is a dramatic manifestation of this ongoing digital conflict and its severe repercussions for the people caught in the middle.