A new report from The Intercept reveals details about the Iranian government’s far-reaching digital surveillance tools, uncovering how officials partner with mobile carriers to track cell phone users, and monitor, alter, and disrupt their communications.
Ongoing protests have rocked Iran and the international stage over the past two months, sparked by the death of Mahsa Amini, a Kurdish woman who was allegedly killed in the custody of Iran’s religious morality police in September.
The government’s ability to limit internet access by blocking WhatsApp, Instagram, and major mobile networks has already been a significant hurdle for protestors. Dissidents and their supporters have expressed fears about potential surveillance, and the power that would provide an oppressive government that has already taken extreme measures to quash the movement. At least 250 people have been killed and thousands more arrested, according to Reuters.
The Intercept’s report lays out specifics about a tool called “SIAM,” which may play a significant role in the Iranian government’s efforts to control the flow of information. The information comes from leaked internal documents from Iranian cellular carriers. SIAM’s capabilities go beyond surveillance, allowing officials control over whether individuals can communicate in the first place. As The Intercept explains:
According to these internal documents, SIAM is a computer system that works behind the scenes of Iranian cellular networks, providing its operators a broad menu of remote commands to alter, disrupt, and monitor how customers use their phones. The tools can slow their data connections to a crawl, break the encryption of phone calls, track the movements of individuals or large groups, and produce detailed metadata summaries of who spoke to whom, when, and where. Such a system could help the government invisibly quash the ongoing protests — or those of tomorrow — an expert who reviewed the SIAM documents told The Intercept.
The documents reveal specific techniques used to kick cell phone users off of 4G and 3G networks and onto 2G networks. 2G is impossibly slow and uses obsolete protocols that don’t work with modern communication tools such as WhatsApp or Signal, which would leave cell phones useless aside from regular phone calls and text messages. Calls and texts traveling over 2G are easy to monitor because 2G traffic is either entirely unencrypted or easy to crack. The Intercept pointed out that 2G networks also leave cell phone users vulnerable to attacks that hijack two-factor authentication to gain access to digital accounts, something the Iranian government has reportedly done in the past.
Experts told the Intercept that SIAM would allow the government to quickly identify every cell phone at a given protest, both tracking protestors’ locations and gathering enough data to build out profiles about who they’re in contact with.
The Iranian protestors have drawn bipartisan support in the United States. Republican and Democratic lawmakers called on tech companies Friday to expand access to online services in Iran. In a letter, a coalition of congress members asked the companies to “provide expeditiously and lawfully the tools Iranians need to circumvent government blockages,” according to Axios. The Treasury Department relaxed restrictions on American companies to expand internet access in Iran last month.
SIAM is a tool that requires the cooperation of cell phone carriers, which is mandated by Iranian law. However, this is just a glimpse into what’s possible in the realm of government surveillance. Any number of tools can be used to monitor people outside of official relationships with telecommunications and technology companies, both in Iran and countries worldwide.
These abilities pose a significant threat to protestors or anyone else acting against the wishes of their government. That’s especially true in the face of a regime like Iran’s, which has demonstrated an unbounded willingness to use violence and other forms of oppression against its own citizens, with few avenues for accountability.