The Digital Arsenal in Iran: When Invisible Fences Rise in the Conflict
Originally published on: https://circleid.com/posts/irans-digital-arsenal-when-invisible-fences-rise-in-the-conflict
On 28 February, as American and Israeli fighter jets and missiles headed towards Tehran under the codenames Operation Epic Fury and Operation Roaring Lion, a second front opened silently. Without bombs, without thunder, but with equally devastating consequences. Within hours, Iran’s internet connectivity collapsed to 1% to 4% of normal levels, and its supreme leader was killed. Nearly ninety million people plunged into a digital blackout. Government news websites went offline. Payment systems failed. In Tehran, Isfahan, and Shiraz, everyday apps stopped responding. This was what sector analysts would later call the largest coordinated cyberattack in history.
The ongoing conflict in Iran lays bare a truth that has been rehearsed for years. The central dispute of contemporary geopolitics is no longer fought solely with tanks, missiles, or oil pipelines, but in the invisible architecture that connects — and disconnects — entire societies from the global system of data and information. It is on this board that Iran has become, unwittingly, the exposed laboratory of the new digital order emerging for the entire Global South, going far beyond a war where drones are the main stars.
Digital Blackout as Weapon and Shield
The first revelation of the conflict is that the Iranian internet collapse has no single cause — and this ambiguity is politically charged. The independent organisation NetBlocks confirmed the near-extinction of Iranian digital traffic from 28 February, attributing it to a “blackout imposed by the regime”. Analysts, however, point out that denial-of-service attacks (DDoS), deep intrusions into critical systems, and coordinated electronic warfare operations by Israel and the US contributed in parallel to the collapse.
The result is a double layer of darkness. On one hand, the Iranian state, fearing the circulation of information and the coordination of enemy attacks from within, activated its “whitelisting” system — which maintains internet access only for groups loyal to the government. On the other, external agents worked to erase what remained. The blackout was, simultaneously, a hybrid warfare weapon and an internal control mechanism, two logics that mutually reinforce each other.
The attack on the religious app BadeSaba illustrates the psychological dimension of this conflict. The app, with over 5 million downloads, was compromised and began displaying alerts urging Iranian armed forces to “lay down arms and join the people”. The operation was timed to coincide with aerial bombings, sowing confusion at the exact moment when the regime’s defences needed clarity. This demonstrates that any widely adopted app — even a prayer calendar — can become a tactical vector in a hybrid war.
The Invisible Fence
What happened in February 2026 did not come from nowhere. Iran has lived for years under a form of blockade that does not disconnect the country from the internet all at once, but gradually erodes access to crucial services — public clouds, developer platforms, digital payment methods — until connectivity becomes a precarious privilege. Instead of a total blackout, what was observed before the war was a programmed strangulation: sanctions and corporate decisions combined to withdraw technical support, credentials, and integrations, leaving universities, startups, and public bodies trapped in a form of geopolitical dial-up internet in the age of generative AI.
This intervention has clearly shown us that the strategic frontier is no longer just the desert or the Strait of Hormuz, but the control panel of global providers who can, with a few clicks, degrade throughput, cut APIs, or suspend accounts under the neutral mantle of “compliance”. The private law of platforms — terms of use, internal policies, risk criteria — becomes, in practice, an arm of foreign policy, imposing punishments with devastating effects on work, education, and social organisation.
More than that, we have seen that support from countries like China and Russia with precise information makes a big difference when technology is at the centre. This war, for example, marked the end of the monopoly on orbital surveillance, with the rise of the Chinese startup MizarVision as a disruptive pivot, offering high-resolution commercial satellites that democratise real-time intelligence and challenge the exclusive dominance of Western giants. This technological convergence exposes vulnerabilities in the American air superiority doctrine, allowing Iran and allies to access advanced algorithmic analyses of movement patterns and sensor fusion, thereby redefining the balance of power in the Middle East and signalling the future of a multipolar orbital geopolitics.
Bunker or Cage?
It is in this context of chronic suffocation and growing importance of information obtained through AI that the Iranian National Information Network (NIN) — the sovereign intranet developed over the past decade — must be read. Without romanticism, but also without reductionism. Critics point out that this architecture facilitates censorship, surveillance, and repression, consolidating a high-cost democratic model of “sovereign firewall” like that existing in China.
But the 2026 conflict also revealed that countries under sanctions that lack some form of segmentation and domestic infrastructure are exposed to ideal territory for espionage, ransomware, and remote sabotage. Without the NIN, the regime’s capacity to maintain payment systems and emergency communication would have collapsed even more rapidly. The bunker is real — even if its inhabitants are a theocracy.
The dilemma is genuine: the same infrastructure that can protect populations from external shocks is the one that can be used to monitor, silence, and repress them. This tension is at the heart of the digital sovereignty issue for the Global South.
Patriotic Hacktivism
In the line of digital warfare, the hacker group “Handala”, self-proclaimed defender of the Palestinian cause, has emerged as the main face of pro-Iran cyber counterattacks against the US and Israel in the current war context, according to a Wired magazine report. Named after the Palestinian icon created by Naji al-Ali, the collective operates with ideological manifestos that may indicate links to Iranian intelligence, claiming attacks such as the devastating one on Stryker, the American medical technology giant, which erased data from hundreds of thousands of devices and extracted tens of terabytes of critical information. Experts from Recorded Future and Palo Alto Networks point to technical and strategic convergence between Handala and Iran’s Ministry of Intelligence, framing the attack as retaliation for American bombings that killed Iranian civilians.
This operation against Stryker illustrates the erosion of the threshold between military and civilian targets in cyber warfare, with healthcare infrastructure paralysed and no ransom demand. Wired highlights that Handala is part of an ecosystem of over a hundred Iranian hacktivist groups, which offer the Tehran regime plausible deniability while projecting asymmetric power, coordinating with official narratives and state tools. In the framework of the war in Iran, this signals a phase of normalisation of hybrid hacktivism, where global companies become bargaining chips, raising risks to civilian populations and challenging international digital governance landmarks.
Cloud War and Authoritarian Stack
The least visible dimension of the conflict, but perhaps the most enduring, is the “cloud war”. AI chips and access to major platforms have become diplomatic currency as relevant as military bases or oil agreements. By conditioning the supply of advanced semiconductors, computing credits, and specialised support to strategic alignments, Washington turns CEOs into special envoys and forces Global South countries to choose not only political alliances, but entire technology stacks.
To this is added private orbital sovereignty: with their low-Earth orbit satellite constellations, controlled by companies, they can decide whether a conflict area will have broadband or remain in digital darkness. The precedent of selective coverage adjustments in war zones, as in the case of Ukraine, demonstrates that, without robust space governance frameworks, essential connectivity risks being treated as a tactical asset, manipulable by government and billionaire coalitions. And the country also showed us another interesting side of hybrid digital warfare. Data centres and offices of US technology companies in neighbouring countries became the target of unprecedented attacks by Tehran. A situation that cast a great shadow of uncertainty over billion-dollar investments in AI digital infrastructure planned for the Gulf. Today, Khamenei’s government has listed big tech facilities, including Palantir, among potential attack targets.
In the same movement, the line between civilian and military technology has been dissolved. The consortium between Palantir and Anduril combines systems like Maven and Lattice to integrate sensor, vehicle, and weapon data in real time, automating tactical decisions under proprietary software licensed according to specific geopolitical interests. Those without their own means of military data collection and inference will end up dependent on a security stack that can be switched off from outside at any moment. Experts also warn of the growing role of AI in offensive operations. Iran, with over a decade of history in attacks against American and Israeli critical infrastructure, has concrete incentives to employ all available resources as the conflict intensifies.
Lessons for the Global South
For countries like Brazil, Indonesia, South Africa, or any nation aspiring to technological autonomy, Iran is an uncomfortable mirror. The 2026 blackout is not an aberration but the plausible future of any country that accepts, without contest, the privatisation of connectivity, orbit, and algorithmic decision-making over collective life. The strategic response cannot be limited to hardening defences in the Iranian mould — replicating the NIN’s isolation would mean paying an unacceptable democratic price. But nor can it ignore the conflict’s harshest lesson: that unrestricted technological dependence becomes strategic vulnerability.
The concept of “Meltnet”, which I have discussed in some texts, proposes an intermediate way out through a mosaic of national networks interoperating under a trust federalism, with auditable safeguards for data transit. In this model, what passes between networks is not decided in Washington, Brussels, or a Big Tech boardroom, but in multilateral protocols combining cryptography, verifiable logs, and distributed arbitration mechanisms. Under the aegis of BRICS, Global South countries could anchor part of their traffic in jointly financed cables, datacentres, and satellites — with rules resistant to unilateral coercion. The New Development Bank (NDB) has a central role in financing regional public clouds and alternative traffic paths via submarine cables that offer institutional “escape routes” for countries under sanctions.
In the end, the war in Iran shows that digital sovereignty is not the abstract right to “pull the plug” or localise data, but the concrete capacity to govern, audit, and invest in trust infrastructures that protect populations from external shocks without stifling their internal rights. The invisible fence that today encloses and, at the same time, protects Iran anticipates the future of any country that does not actively contest the rules of the digital board. Meltnet, on the other hand, indicates that there is still room to redraw the map — making interdependence a negotiated choice, not a silent hijacking.
References:
https://www.csis.org/analysis/operation-epic-fury-and-remnants-irans-nuclear-program
https://www.cnbc.com/2026/03/07/irans-internet-blackout-extends-into-second-week-netblocks.html
https://defensescoop.com/2024/12/06/palantir-anduril-consortium-ai-new-alliance-merge-capabilities/
https://gizmodo.com/iran-includes-american-tech-giants-on-list-of-new-targets-2000732530
https://flashpoint.io/blog/escalation-in-the-middle-east-operation-epic-fury/
How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks
[1] https://circleid.com/posts/welcome-to-meltnet-a-blueprint-for-digital-sovereignty-in-a-fragmented-world e https://floresta-digital.ghost.io/about-the-internet-and-internets/