Packets in the Dark: VPNs, Scams and Digital Silence in Iran

In early January 2026, Iran experienced one of the most extensive and technically advanced internet shutdowns ever recorded. Unlike earlier disruptions that targeted mobile data or specific regions, this event combined routing withdrawals, protocol interference, satellite jamming, and telecom service suspension into a coordinated, multi-layer blackout. What followed was not a momentary outage but a sustained, engineered isolation of an entire national network. Drawing on measurements from Cloudflare Radar, NetBlocks, IODA, and Filterwatch, this article traces the technical progression of the shutdown from early warning signs to its two-week persistence as of January 22, 2026. Early Warning Signals Before the Blackout The shutdown did not begin without notice. In the first days of January, traffic anomalies appeared across Iran’s network footprint. Cloudflare Radar detected intermittent slowdowns, unstable IPv6 routing behavior, and brief packet loss events. These disruptions coincided with growing protests that had begun in late December 2025. By January 5, overall traffic briefly rebounded and even exceeded baseline levels. These spikes were short-lived and misleading. At the same time, reports emerged of mobile data throttling, widespread VPN failures, and DNS interference. Some encrypted connections failed during Transport Layer Security handshakes, suggesting early protocol-level sabotage rather than simple congestion or filtering. These signs indicated preparation rather than malfunction. January 8: Coordinated Collapse of National Connectivity The full shutdown began on January 8, 2026, through a carefully sequenced technical operation. At 11:50 UTC, observers recorded a 98.5 percent reduction in Iran’s announced IPv6 address space. More than 48 million IPv6 /48 prefixes vanished from global routing tables, leaving only a fraction visible. Because modern mobile networks rely heavily on IPv6, this single action severely degraded mobile connectivity nationwide. ...