Tech Resilience Under Sanctions: How Iran, North Korea, and Russia Innovate Without U.S. Platforms

By /

Heavily sanctioned nations such as Iran, North Korea, and Russia have been forced to develop creative strategies to keep their digital ecosystems running in the absence of U.S.-based software, platforms, and apps. Cut off from many Western technologies by legal restrictions or corporate pullouts, these countries employ a mix of government-driven programs and grassroots workarounds to bridge the tech gap. Major domains of impact include everyday communication, operating systems, cybersecurity, productivity and office software, financial technology (fintech), e-commerce, education, scientific research, and cloud infrastructure. This report provides an analytical look at how each country’s government and citizens cope in these areas – from building domestic alternatives and leveraging open-source tools, to fostering black markets and “digital smuggling” of banned tech, and partnering with non-Western allies (like China) for support. The tone throughout is neutral and informative, examining these adaptations not as endorsements but as case studies in technological resilience. Key comparisons are drawn between popular U.S. tech products (Google, Microsoft, Apple, Adobe, PayPal, Amazon Web Services, etc.) and the sanctioned countries’ replacements or equivalents, summarized in side-by-side tables where appropriate. The analysis highlights how necessity has driven innovation – as well as the limitations and risks these nations face without direct access to mainstream global tech.

Government-Level Strategies for Tech Self-Reliance

State Policies and “Digital Sovereignty”: All three governments have pursued policies of techno-nationalism – seeking greater control over their digital destiny. Over the past decade, Russia in particular embarked on an “import substitution” campaign to replace foreign IT products with local ones. Laws and mandates were introduced requiring government agencies and critical sectors to switch to domestic software and equipment, long before the 2022 Ukraine war . This push accelerated after Western sanctions tightened: President Putin openly called for “strangling” remaining foreign tech providers to speed adoption of Russian alternatives. The Kremlin frames digital self-reliance as a matter of national security – aiming to eliminate “backdoors” for foreign influence and to ensure continuity of services even if cut off from the global Internet. Russia’s 2022 wartime isolation has thus turned “tech isolationism” from a long-term goal into immediate policy.

Iran’s government likewise promotes a “Resilient Economy” doctrine which includes tech independence. Over the last two decades of sanctions, Tehran invested in homegrown tech centers and a National Information Network (an isolated intranet often called the “halal internet”) to reduce reliance on the global web. State-affiliated labs have developed indigenous software (even an Iranian operating system project called Zamin OS in 2012) and forked versions of popular apps. Officials tout these efforts as bolstering “digital sovereignty” and thwarting what they term “economic terrorism” in cyberspace. North Korea’s regime, arguably the most isolated, has from the outset built a tightly controlled tech ecosystem – not only for security but because sanctions outright ban most Western tech exports. The government’s Korea Computer Center (KCC) created a state-sanctioned Linux OS (Red Star) for all domestic computers, explicitly to avoid dependence on Microsoft or Apple software. Pyongyang’s policy is to block or heavily monitor foreign platforms while supplying state-approved alternatives (like its sealed-off “Kwangmyong” intranet), keeping information and software strictly under government purview.

Investment in Domestic Alternatives: Each government has poured resources into nurturing local tech companies as stand-ins for banned Western brands. In Russia, this has meant supporting firms like Rusbitech, which produces the Astra Linux operating system – its revenue nearly tripled from 2.4 billion rubles in 2021 to 6.5 billion rubles in 2022 amid surging demand. Authorities also fast-tracked projects like MyOffice (a domestic office suite to replace Microsoft Office) and promoted Russian cloud services (e.g. Yandex Cloud, SberCloud) to fill the gap left by Amazon, Microsoft, and Google. By mid-2023, Russia’s Minister of Digital Development claimed that local industry had “viable solutions” ready and that companies had 18 months to prepare for the loss of Microsoft – indeed “many [firms] started shifting to Russian operating systems based on Linux” during that period. In Iran, state-backed incubators have spawned lookalike apps for everything from ride-hailing to music streaming (detailed in later sections). When Apple and Google banned Iranian apps from their stores in 2017–2018, the Iranian tech sector responded by launching parallel app marketplaces and “Iranian versions” of popular platforms. For example, Iran’s domestic smartphone maker GLX worked with university students to develop a homegrown Android-based OS in 2019, intended to replace Google’s version on local devices. Similarly, North Korea’s KCC not only built Red Star OS but also custom applications (like a Firefox-based browser “Nanara” for the intranet). These governments often protect nascent local tech by banning or discouraging foreign competitors outright – for instance, Russia blocked Facebook and Instagram in 2022, effectively handing their market share to domestic networks like VKontakte.

Alliances and Backdoor Channels: Sanctioned states also leverage relationships with non-Western partners to access technology indirectly. China is the linchpin for both Iran and Russia. Beijing has sold Iran sophisticated telecom hardware (e.g. switches, 4G infrastructure) and even provided Iran access to its BeiDou satellite navigation system as an alternative to U.S. GPS. In 2021, Iran and China signed a 25-year strategic partnership (worth a reported $400 billion) that includes cooperation in IT and communications. Chinese companies like Huawei and ZTE have been instrumental in Iran’s network build-out – enabling Tehran’s internet to function without Cisco or other U.S. suppliers. Russia, especially after 2022, has deepened tech ties with China as well: Alibaba Cloud and Huawei Cloud are expanding services for Russian clients, Chinese PC and smartphone brands (Lenovo, Xiaomi, Huawei) now dominate Russian store shelves in lieu of Western electronics, and China’s UnionPay network is helping Russian banks restore some international payment capability (discussed under Fintech). North Korea depends almost entirely on China (and to an extent Russia) for illicit procurement of hardware – everything from basic electronics to high-end components is smuggled across the Chinese border. The regime’s elites notoriously obtain luxury gadgets like iPhones and Samsung Galaxy phones “sanctions be damned,” likely via China. UN reports note that definitions of “luxury goods” are lax, so Chinese traders exploit loopholes to sell banned tech to Pyongyang’s ruling class. In addition, sanctioned countries quietly trade amongst themselves: for instance, Iran has supplied Russia with military drones (in exchange for cash or perhaps access to Russian tech), and Russia in turn has discussed linking its Mir payment card system with Iran’s banking network, creating a mini financial alliance outside SWIFT. These partnerships and gray channels are critical – they form a parallel tech ecosystem that mitigates the impact of Western sanctions.

Offensive Cyber and Intelligence: A more covert government strategy has been to invest in cyber warfare and espionage to steal what they can’t buy. All three countries have active state-backed hacker units. North Korea is the most notorious in this regard – its hackers have stolen an estimated $650 million since 2011, largely via cryptocurrency heists, to finance the regime. A significant number of these cyber operatives work abroad in China, Russia, or other countries, helping Pyongyang evade sanctions and gather technical know-how. Iran’s Revolutionary Guard cyber units have conducted espionage and intellectual property theft (for example, Iranian APT groups were indicted for stealing academic data and software prototypes from Western universities and companies). Russia, with its advanced cyber forces, has used cyberattacks both tactically (e.g. targeting Ukrainian infrastructure) and strategically (hacking foreign tech companies or research institutions) to either sabotage enemies or indirectly access technology. In essence, these governments sometimes “hack their way” into getting software updates, encryption keys, or R&D data that sanctions bar them from receiving legally. While details are classified, Western cybersecurity agencies have attributed supply-chain intrusions and theft of software code libraries to actors from these states. Offensive cyber capabilities thus serve as both a fundraising tool (especially for cash-starved North Korea via ransomware and crypto theft) and as a means of catching up technologically by stealing innovation.

Censorship and Control as a Strategy: Notably, some of the regimes use internet censorship itself as a coping mechanism to enforce use of domestic tech. For example, Iran’s authorities frequently block or throttle foreign services to drive users toward state-approved apps – during recent protests, they banned popular VPNs and messaging apps, leaving Iranians little choice but to rely on local platforms that remained operational. This tight control ensures that even if foreign software is technically accessible, its usefulness is limited. North Korea takes this to the extreme by disallowing ordinary citizens any access to the global Internet; thus the population must use only what the state provides (no risk of them even attempting to use banned Western apps). In Russia, a “sovereign internet” law enables authorities to isolate Runet (the Russian Internet) and block content – since 2022, dozens of Western news and social sites have been blocked, which by design boosts traffic to Russian substitutes. In short, these governments don’t just build alternatives – they often force adoption by suppressing the competition. The result is a captive user base for domestic tech products.

Civilian-Level Workarounds and Black Markets

While governments build official alternatives, everyday citizens and businesses find their own workarounds to access banned technology. The sanctioned countries each have thriving gray markets, VPN networks, and piracy scenes enabling individuals to obtain Western software and services despite the restrictions. These bottom-up solutions exist in tension with government controls – often tolerated unofficially because they relieve public pressure. Below, we examine how civilians leverage everything from virtual private networks to outright smuggling to fulfill their tech needs.

VPNs and Proxy Connections: One common thread is the widespread use of VPNs (Virtual Private Networks) and other censorship-circumvention tools. In Iran, using a VPN to bypass internet filters is practically a national pastime – by 2023, millions of Iranians were relying on VPN apps to reach services like Instagram, WhatsApp, and Google that were otherwise blocked or restricted. This has been described as a “VPN epidemic” in Iran’s digital life. Although the Iranian government moved to criminalize unauthorized VPN usage in 2024 (signaling how pervasive it had become), enforcement is spotty and demand remains high. For Russian internet users, VPNs became essential after the Ukraine invasion when Moscow banned many Western social platforms; by mid-2022, downloads of VPN tools in Russia spiked dramatically as people sought to stay on Instagram, Facebook, and Western news sites despite the official blocks. The Russian government has tried to crack down – passing fines for VPN usage and blocking some VPN websites – but tech-savvy Russians continue to find new proxy services. Even North Koreans, though largely offline, have a parallel in the form of illegal Chinese mobile SIMs used near the border: some North Korean residents secretly install Chinese SIM cards or network devices to get an uncensored internet connection via Chinese cell towers, effectively “VPN-ing” into the outside world at great personal risk. In all cases, these tools enable a form of digital smuggling – tunneling into the global internet from within a closed country. Notably, the U.S. has encouraged this behavior as a form of soft power: in late 2022, the U.S. Treasury updated General License D-2 to explicitly allow American companies to offer VPN and anti-censorship software in Iran despite sanctions, aiming to help Iranians communicate freely. Thus, ordinary users cling to global platforms via technical loopholes even as their governments push local substitutes.

Pirated Software and Content: Software piracy is another major coping mechanism. When legal access is blocked, people simply acquire cracked versions of Western software. For instance, after Microsoft halted sales and support in Russia, there was a surge in Russians searching for pirated Windows and Office downloads – queries for “Microsoft Office pirated” jumped 650% in spring 2022 according to Russia’s Kommersant newspaper. By late 2023, Microsoft’s license cutoff in Russia had many companies and users continuing with unlicensed copies, using activation hacks to keep Windows running. Iran has long been known for high piracy rates of everything from Windows and Photoshop to Hollywood movies – partly because sanctions made purchasing licenses impossible, but also due to weaker IP enforcement. An Iranian user who cannot access Adobe’s website or pay with an international card will simply install a cracked Photoshop from a local shop or download site. This “shadow market” for software is tacitly accepted by authorities as it keeps the economy functioning. Even some government offices in sanctioned states have been rumored to run unlicensed Western software when no local equivalent meets their needs (despite the irony of a government breaking the same sanctions it faces). On the media front, all three countries see a lot of bootlegging of digital content. North Koreans famously consume smuggled South Korean dramas and Western films on USB sticks and DVDs in a flourishing black market, since they have no legal access to global entertainment. Iranians and Russians likewise find ways to stream or download foreign movies, TV series, and books despite bans. This widespread piracy fills the gap in productivity and entertainment software for civilians – ensuring they aren’t completely cut off from global culture and tools, even if it operates in a legal gray zone.

Hardware Smuggling and Parallel Imports: Sanctions don’t only hit software – hardware (devices, chips, servers) are also restricted. In response, informal smuggling networks and “parallel imports” have emerged. Russia provides a striking example with its sanctioned consumer tech: in March 2022, Apple and many others stopped new product sales in Russia, but by late 2023 the latest iPhone models (even an “iPhone 17”) were still appearing in Moscow stores via parallel import from non-sanctioning countries. The Russian government legalized this practice, allowing importers to bypass intellectual property rules and bring in goods through third countries like Turkey, the UAE, or Central Asian republics. As a result, Russian consumers continue to buy new Western gadgets (albeit at higher prices) almost as if sanctions didn’t exist. Iran similarly sees many electronics arrive through Dubai or Oman via middlemen. High-end laptops, networking gear, even Cisco routers under embargo have a way of finding themselves on Tehran’s black market. North Korea relies on outright smuggling – e.g. trading companies in China will secretly funnel sanctioned machinery and computers to NK in exchange for cash or minerals. In all cases, a two-tier market forms: an official market of local or friendly-nation products, and an underground market of Western products at premium prices. Those who can afford it will still get the genuine iPhone or Cisco switch; those who can’t will settle for the local substitute or a cheaper Chinese model. This dynamic somewhat undermines the sanctioned governments’ push for self-reliance (as elites often prefer Western quality), but it also acts as a safety valve for discontent: people don’t feel as deprived if they can eventually obtain the desired product through unofficial means.

“Digital Smuggling” and Account Workarounds: Even when physical devices aren’t smuggled, people find ways to create accounts or use foreign online services illicitly. For example, Iranian freelancers who are barred from platforms like Upwork or GitHub (due to U.S. sanctions) often register accounts using VPNs and fake locations, sometimes leveraging friends abroad to receive payments and then sending money back via crypto or hawala channels. In the gaming community, Russian players locked out of purchasing games on Steam (a U.S.-based platform) have resorted to using VPNs and gift cards bought from foreign websites to top up their accounts. Iranians have done the same for app stores – before local alternatives existed, an Iranian iPhone user might make a fake Apple ID with a UAE or U.S. address to download apps, or get an App Store gift card code through a reseller. Sharing economy hacks occur too: in Iran, when services like Uber or Amazon aren’t available, people find informal Telegram groups or use Instagram pages to arrange similar services person-to-person. This kind of peer-to-peer workaround leverages whatever global tools are accessible (Telegram, for instance, is technically banned in Iran but widely used via VPN) to compensate for missing formal platforms.

Cryptocurrency Usage: As a crossover between civilian and government workaround, cryptocurrencies have gained popularity in sanctioned countries as an alternative financial rail. Many ordinary Iranians and Russians turned to Bitcoin, Tether, and other crypto to make online purchases or receive money for freelance work after being cut off from PayPal and traditional banking channels. For instance, an Iranian app developer might ask an overseas client to pay in Bitcoin since international wire transfers to Iran are blocked. Crypto exchanges (often peer-to-peer) operate in these countries despite legal uncertainties. The Russian financial watchdog even acknowledged in 2023 that companies were using crypto and gold for some cross-border payments to blunt the effect of SWIFT bans. North Korea takes this to an extreme: aside from state-sponsored theft of crypto, even some private citizens near the China border reportedly use crypto to quietly conduct trade (though on a much smaller scale). Overall, digital currencies serve as a sanctions-evasion tool for both individuals and businesses, creating a parallel economy. However, regulators in Iran and Russia remain wary – they don’t want capital flight or uncontrolled finance – so they have begun exploring state-controlled versions (like Russia’s new digital ruble CBDC) to harness the benefits without ceding control. Still, for now, crypto remains a lifeline for sanctioned civilians to engage with the global digital economy when official channels are closed.

Reliance on Open-Source Software: A final important workaround is the heavy use of open-source software, which is freely available to anyone and not subject to sanctions. Tech-savvy communities in these countries often embrace open-source alternatives to proprietary U.S. products. For example, developers in Iran or Russia can use the Linux operating system, LibreOffice suite, GIMP image editor, and other open tools with no legal barriers. In fact, Iran’s government itself promoted Linux adoption for security reasons (and to avoid copyright issues) as far back as the mid-2000s. After sanctions tightened, Russian enterprises likewise started replacing Oracle databases with PostgreSQL, or Windows servers with Linux servers, to reduce dependence on vendors that left the market. Open source also extends to education – students download Python, Node.js, or other programming languages and frameworks that are open, ensuring the next generation of engineers isn’t stymied by lack of licensed software. There have been hiccups – for instance, GitHub (an open-source code repository owned by Microsoft) briefly restricted Iranian, Syrian, and Crimean developers’ accounts in 2019 to comply with sanctions, causing outrage. This over-compliance was later reversed after U.S. authorities clarified that hosting open-source code is permitted. As of 2023, GitHub is fully available in Iran following a U.S. license exemption, which underscores the principle that open collaboration tools should remain accessible. This means Iranian and Russian coders continue to contribute to and benefit from global open-source projects. Such access is invaluable because it effectively democratizes innovation – no single country can cut off others from open knowledge. In summary, open-source software provides a legitimate backdoor for sanctioned societies to keep up with technological advances, even if commercial software is off-limits.

By combining these civilian strategies with government programs, Iran, Russia, and North Korea manage to keep many facets of modern life functioning. The next sections will drill down into specific domains – communication, operating systems, cybersecurity, etc. – detailing the domestic replacements vs. U.S. tools in each area. Side-by-side comparisons and examples will illustrate the ingenuity and challenges in each country’s approach.

How Iran, North Korea, and Russia Innovate Without U.S. Platforms

Communication and Social Media Ecosystems

One of the most immediately impacted areas by sanctions is digital communication – including social networking platforms, messaging apps, and general internet connectivity. U.S.-based services like Facebook, Twitter, WhatsApp, Instagram, and YouTube have global reach, but sanctioned countries face a mix of access bans (by the U.S. companies or their own governments) and homegrown alternatives filling the void. Below we examine each country’s communication landscape and compare Western platforms to the sanctioned-country equivalents.

Iran: National Platforms vs. Global Platforms

Iran has a long history of blocking popular Western social media for political and religious reasons. Facebook and Twitter have been officially censored in Iran since around 2009, and YouTube as well – although Iranians still access them via VPNs. In their place, Iranian authorities encouraged local clones. For instance, Iran developed Aparat, a Persian-language video sharing site that functions much like YouTube. Aparat reportedly streams over 10.5 million videos daily and features similar content (comedy clips, sports, kids’ shows) to YouTube. For social networking, an earlier Iranian platform called Cloob tried to substitute for Facebook (though it never reached the same popularity and eventually shut down). In recent years, Instagram had been one of the few U.S. platforms not blocked in Iran – it became extremely popular for small businesses and influencers. However, during the late-2022 Mahsa Amini protests, the Iranian government cut off Instagram and WhatsApp nationwide to hinder protest organizing. This drove even more users to domestic messaging apps like Soroush, Bale, and iGap, which are Iranian-made clones of WhatsApp/Telegram. These apps advertise similar functionality (encrypted chats, groups) and have steadily grown in use, though many citizens remain suspicious of their security (fearing government surveillance). According to a BBC Monitoring report, such domestically-made messaging apps are “steadily growing in popularity” in Iran. The Iranian tech market has at least half a dozen messaging apps vying to replace WhatsApp/Telegram, including iGap (often likened to WhatsApp) and Bale (which even mimics Facebook Messenger’s interface).

In the absence of Twitter, some Iranian developers created analogues like Nevisak (a microblogging service) and Profile.ir (a LinkedIn-style resume site). There’s also Rubika, a state-endorsed “super-app” that combines messaging, video streaming, and shopping – somewhat akin to China’s WeChat. For more targeted social functions, Iran has Divar (an online classifieds marketplace similar to Craigslist) and Takhfifan (a deals site analogous to Groupon). The ride-hailing app Snapp doubles as a communications platform in some ways – it’s used by 85% of Iranian taxi riders and also offers food delivery and other services where users interact (more on Snapp in E-commerce section). An interesting case in communications is Iran’s national email service and domestic search engines (like Yooz and Parsijoo), which the government promoted to reduce reliance on Gmail and Google. However, uptake of those has been limited; many Iranians still use Gmail via VPN when they can. The overall trend is that Iranians adopt domestic social apps when forced, but often prefer international ones when accessible. Table 1 below summarizes some key U.S. vs Iranian communication platforms:

Table 1: U.S. Communication Platforms vs. Iranian Equivalents

Category / Service U.S./Global Platform Iranian Replacement (Status)
Search Engine Google Search Yooz, Parsijoo (Iranian search engines – limited usage; Google is filtered but still used via VPN)
Social Network Facebook Facenama, Cloob (now defunct); Instagram (U.S.-owned, was popular until recently blocked)
Microblogging Twitter Nevisak (Persian Twitter-like service – niche)
Professional Network LinkedIn Profile.ir (local LinkedIn equivalent; LinkedIn itself partly accessible)
Video Sharing YouTube Aparat (YouTube clone with 10M+ daily views)
Messaging (Chat) WhatsApp / Telegram iGap, Bale, Eitaa, Soroush (WhatsApp/Telegram clones; Telegram banned but widely used via VPN)
Photo/Video Sharing Instagram Lenzo (short-lived Instagram-style app); Instagram was widely used until 2022 block
Video Streaming Netflix Namava, Filimo (Iranian streaming services); IMVBox (focused on Iranian films, mimics Netflix UI)
Music Streaming Spotify / Apple Music Melovaz (Iranian music site with local and Western songs – but censors album art)
App Store (Mobile) Apple App Store (iOS) Sib (means “apple” in Persian – an Iranian iOS app store alternative)
App Marketplace (Android) Google Play Store Cafe Bazaar (major local Android app store), Myket (another app bazaar for Android)

 

As shown above, Iran has tried to reproduce many Western social platforms under local branding. Some have been successful (Aparat is a hit; Cafe Bazaar dominates app installs), while others struggle against the enduring appeal of the originals (e.g. many users went back to Instagram via VPN rather than use a clone app). A notable success story is Snapp, which started as Iran’s “Uber” and evolved into a multi-service super-app. Despite U.S. sanctions – which got Snapp banned from Apple’s App Store in 2018 and Google Play in 2017, forcing the company to distribute its app covertly – Snapp thrived. The company resorted to creative tricks like disguising itself as a benign music app (“RadickRadio”) on app stores to evade detection. Ultimately, Snapp moved to a web-based app to bypass app store bans, and built its own navigation maps when Google Maps API access was cut. By localizing all data and servers inside Iran, Snapp became independent of American tech giants (it even replaced AWS cloud by using Iranian data centers). As of 2020, Snapp had 85% of Iran’s ride-hailing market, partnering with 1.5 million drivers and handling over 2 million rides per day. This showcases how an indigenous platform, with government tolerance and necessity on its side, can fill the gap left by a banned Western service – essentially “Iran’s Uber” is now a self-sufficient ecosystem.

Russia: From VK and Telegram to RuTube

Russia entered the post-2022 sanctions era with some strong domestic communication platforms already in place. VKontakte (VK), founded in 2006, is Russia’s homegrown equivalent of Facebook and was already the most popular social network among Russian speakers. When Russia banned Facebook and Instagram in March 2022, VK’s user base swelled further as businesses and influencers migrated there. VK offers profiles, photo sharing, events, and messaging much like Facebook, and Odnoklassniki (OK.ru), another long-standing network, caters to reconnecting classmates and is analogous to an old-style Facebook. So in the social networking category, Russia’s replacements were mature – the sanction fallout mainly served to eliminate Western competition, effectively making VK and OK the only major networks. Instagram’s ban left a void for image-centric social media; some entrepreneurs announced “Rossgram” as a Russian Instagram clone, but it never gained real traction (many ex-Instagram users simply moved their content to VK or Telegram channels). For microblogging, Twitter was blocked in Russia, but a significant number of Russians continue to access it via VPN for uncensored news. There isn’t a clear domestic Twitter alternative (some have pointed to “Yandex Zen” blogging platform or Telegram’s public channels as fulfilling a similar role of broadcasting short updates).

When it comes to messaging, ironically Telegram – which is not U.S.-based but was founded by a Russian (Pavel Durov) – became the de facto communication backbone in Russia after sanctions. Telegram was briefly outlawed in Russia in 2018 due to refusal to hand over encryption keys, but that ban was lifted in 2020 and by 2022 Telegram was widely used by both officials and the public. It’s now a primary source of news (with massive Telegram channels), group chats, and even e-commerce promotions in Russia. Western messengers like WhatsApp continue to function for now (Russia hasn’t banned WhatsApp, since it’s seen as a private comms tool and not an “extremist” organization like Meta’s Facebook). However, many Russians fear potential loss of WhatsApp if relations worsen, so they have adopted VK Messenger (built into VKontakte) or ICQ New (an updated version of the old ICQ, now owned by a Russian company) as backups. The government has also promoted “Secure Internet Messenger” apps for officials that are domestic.

For media sharing, YouTube has been a tricky issue – it’s hugely popular in Russia and, unlike Facebook, it wasn’t blocked outright (likely because of lack of a full replacement and fear of public backlash). But under pressure, many advertisers and creators have moved from YouTube to RuTube, a video platform run by Gazprom Media. RuTube saw investment to improve its interface after 2022, and while it’s still far smaller than YouTube, it hosts content from state media and some popular vloggers who left YouTube. Yandex.Efir (video) and VK Video are other local avenues trying to capture the video audience. For live streaming and chat, where Twitch (U.S.-based) had presence, Russia launched Wasd.tv – a domestic game streaming site – and encouraged gamers to switch to it when Twitch restricted Russian streamers.

In summary, Russia’s communications sphere post-sanctions is characterized by strong domestic social networks (VK, OK), pervasive use of Telegram as an all-in-one communication platform, and emerging (though not yet fully competitive) substitutes for video streaming and other media. The absence of Western platforms has certainly changed usage patterns – for instance, Russian small businesses that used to rely on Instagram for sales have had to pivot to VKontakte’s marketplace or to Telegram channels, with mixed success. One can say Russia was somewhat prepared: years of state policy favoring local internet businesses meant that when Western companies pulled out or were blocked, Russian alternatives could immediately take their place for the majority of users. The table below outlines some of the main comparisons:

Table 2: U.S. vs Russian Communication Platforms

Service Category U.S./Global Platform Russian Equivalent / Approach
Social Networking Facebook VKontakte (VK) – dominant network replacing Facebook; Odnoklassniki – for older demographics. Facebook/Instagram banned as “extremist.”
Photo/Video Social Instagram No exact clone succeeded (planned “Rossgram” faltered); users moved to VK’s photo albums or Telegram channels. Instagram banned in 2022.
Microblogging Twitter No direct alternative; some use Telegram public channels for similar broadcast-style updates. (Twitter blocked; accessed via VPN by some.)
Messaging WhatsApp / Messenger Telegram – widely used (originally Russian-developed); VK Messenger; legacy ICQ New. (WhatsApp still working but subject to Meta-related distrust.)
Video Sharing YouTube RuTube – Russian video site (state-supported, modest popularity); also VK Video and Yandex Video. (YouTube not officially blocked but under pressure.)
Live Streaming Twitch Wasd.tv – local streaming for gamers; also, some stream on VK Live.
App Stores Google Play (Android) / Apple App Store (iOS) RuStore (new Russian Android app store launched by VK in 2022); Huawei AppGallery (Chinese, gained users after Google limited paid apps). Apple App Store is inaccessible for Russian bank apps due to sanctions – iOS users must sideload or use Russian app aggregators.

Russia’s case highlights a partial decoupling from the Western social internet. Many Russians now operate in a parallel online universe – posting on VK instead of Facebook, watching videos on RuTube or Chinese TikTok clones instead of YouTube (TikTok itself blocked new uploads from Russia), and organizing via Telegram instead of WhatsApp. There are still workarounds (e.g. millions of Russian YouTube watchers didn’t disappear; they use VPNs or simply that YouTube isn’t blocked). But the trajectory is toward a Russian-run social media sphere, often termed a “sovereign RuNet.” One effect of this is increased control for authorities (since domestic services can censor content as required by Russian law), but it also means less exposure to global discourse for ordinary Russians, arguably one intended outcome of the Kremlin’s strategy.

North Korea: Isolation and Internal Networks

North Korea’s situation is unique in that citizens have virtually no access to global communication platforms to begin with. The country operates a closed intranet called Kwangmyong, which hosts a few thousand state-approved websites (like news, libraries, and educational resources). There are rudimentary email and messaging services on this intranet, but nothing like a public social network. For instance, the average North Korean may use a government-provided email to communicate work matters, and access message boards or chat on the intranet, all of which is monitored. There is no North Korean Facebook or Instagram – such concepts clash with the regime’s information control. Instead, the state-run media (Korean Central Television, newspaper Rodong Sinmun) and group meetings are the main “social media,” in effect. That said, North Korea did develop some social media knock-offs for its elites or as prototypes. Tourists have reported seeing a service called “Friend” on the intranet that is similar to a social networking site, possibly meant for university students to interact under supervision. And in 2021, news leaked of a North Korean video streaming site modelled after Netflix, called “Manbang,” which runs on the intranet and offers curated movies and documentaries (all propaganda-friendly) on-demand. “Manbang” literally means “everywhere” in Korean – a tongue-in-cheek reference to Netflix’s ubiquity, but of course limited to regime-approved content.

For messaging, North Korean mobile phones (which about 15%–20% of citizens now have, on a sealed domestic network) offer call and text services, and perhaps a rudimentary chat app. These phones run on a modified Android OS (with all foreign communication apps removed) and cannot connect outside the national network. So while someone might have an app icon that looks like a messaging app, it would only communicate with others on North Korea’s network (and likely logs everything). There is no legal way for North Koreans to use WhatsApp, Telegram, or anything of that sort. Only a very small number of trusted elites (and cyber operatives) have access to the real Internet, and as reports indicate, those elites indeed use whatever devices and services they want – including iPhones, iPads, Windows and macOS computers. For example, Kim Jong-un was photographed with an iMac on his desk, and research by Recorded Future found North Korean IP addresses using devices from Apple and Huawei, plus servers by IBM. This suggests that North Korea’s ruling class bypasses sanctions via procurement channels (often treating banned tech as luxury goods) and enjoys a connected life, whereas the masses remain on the walled garden of domestic tech.

In sum, North Korea doesn’t have a vibrant scene of “alternative social apps” like Iran or Russia because all unfettered communication is forbidden. The communications strategy is instead to isolate and propagate internal propaganda channels. The comparison table for NK’s comms vs global is mostly a list of absences:

  • Facebook/Twitter – Not available at all to public; internal message boards only.
  • Messaging – No international apps; domestic SMS and maybe a closed IM for some.
  • YouTube/Netflix – Not available; state TV and the “Manbang” intranet streaming service for select content.
  • Email – No Gmail; a closed intranet email service exists for official use.

What few domestic apps exist (like a news app or a learning app pre-loaded on tablets) are one-way or static. The average citizen has no capacity to broadcast opinions online or connect with strangers – a stark contrast to even Iran where despite censorship, millions engage on Telegram and Instagram. Thus, North Korea’s workaround is essentially to do without modern social media altogether. The population copes through analog means (e.g. swapping smuggled USB media in physical markets) rather than digital platforms for social interaction. It’s a reminder that at the extreme end of sanction-induced isolation, innovation can be stifled by design – North Korea chooses control over connectivity, meaning the tech “alternatives” it develops are purely state-serving.

Operating Systems and Software Infrastructure

Operating systems (OS) and basic software are fundamental to any computing environment. When U.S. companies like Microsoft and Apple are unable or unwilling to provide their products to sanctioned countries, those nations must find other solutions to run computers and devices. In this section, we explore how Iran, Russia, and North Korea handle desktop operating systems, mobile OS, and critical software infrastructure without official access to the likes of Windows, macOS, iOS, and Android (Google services). We also look at how they maintain or replace essential software updates and security patches in a sanctioned setting. This is an area where open-source software often comes to the rescue, and where governments have actively sponsored domestic OS projects.

Domestic Operating Systems vs. Windows/macOS

Microsoft Windows has long been the dominant PC operating system worldwide, and that is true in sanctioned states as well – but largely via pirated copies. For example, in Iran, Windows holds about an 80% share of desktop OS market even in 2025, despite Microsoft not doing business there. That 80% consists of older versions of Windows installed without license, since sanctions prevent buying licenses legally. Iranian users simply activate Windows using local crack tools. The Iranian government has voiced concerns over this dependence (both for security and ideological reasons) and as mentioned, experimented with an Iran-made “national OS”. The project, Zamin OS, was a Linux-based system developed by Iran’s IT Organization around 2012. However, Zamin never gained traction beyond government pilots – ordinary people stuck with familiar pirated Windows, and even many offices continued with Windows XP/7 for years. More recently, as cybersecurity fears grew (especially after incidents like the Stuxnet virus which exploited Windows vulnerabilities in Iran’s nuclear facilities), there has been a renewed push in Iran’s public sector to adopt Linux distributions. Yet without a strong commercial backer, these efforts are slow. Essentially, Iran’s PC ecosystem is a patchwork of unlicensed Western software and niche local projects.

Russia, prior to 2022, was in a somewhat better position to attempt a migration from Windows. The Kremlin invested in companies like Rusbitech-Astra (which makes Astra Linux) and Red Soft (which makes Red OS, another Linux distro) to supply secure operating systems for the military and government agencies. There is also ALT Linux by BaseAlt and a few others. These are all flavors of Linux adapted for Russian language and compliance with Russian cryptography standards. Even so, adoption was limited – as of 2023, an industry expert noted **Windows still held about 80% OS market share in Russia, with local OSes collectively under 20%**. Microsoft’s exit from Russia is expected to gradually change this. Russian authorities gave companies a deadline (September 2023 for some license renewals) after which Windows updates or renewals would stop. This “end of official Windows” in Russia is forcing entities to either accept using outdated/unpatched Windows (with security risks) or switch to Astra, Red OS, etc. Some large organizations have started migrating: for instance, Russian Railways and some banks announced plans to deploy Astra Linux on thousands of PCs. The Russian Ministry of Digital Development confidently stated that Russia “definitely” has viable OS solutions and that the transition was underway. Enthusiasts claim that ALT 8 SP (a local OS) can handle all the tasks Windows did, and is already replacing Windows in the public sector. However, regular consumers have been slower – many simply opted to keep using their current Windows and disable updates or find pirate activations when licenses expired. Searches for Windows cracks spiked by hundreds of percent after Microsoft’s suspension. Thus Russia is in a transitional state: official sectors moving to Linux-based Astra/Red OS, while home users quietly stick to pirated Windows until it breaks. Apple’s macOS, meanwhile, was never huge in Russia (~10% or less market share), and with Apple halting sales, Mac users either left the platform or maintain their existing machines without official support.

North Korea is the only one of the three that successfully deployed a homegrown OS as the default. The Red Star OS is a Linux-based operating system developed by KCC and rolled out across North Korean computers in the 2010s. Early versions mimicked Windows XP’s look, but Kim Jong-un – known to be an Apple fan – had Red Star 3.0 redesigned to closely resemble Apple’s macOS interface (with a dock, Finder-like file manager, etc.). Red Star is used on North Korean desktops in universities, libraries, and government offices. It’s heavily locked down: it watermarks files and has custom encryption tied to the machine to prevent data sharing. While average citizens rarely touch a computer (outside maybe a library), the expectation is that any officially sanctioned PC runs Red Star, not Windows. Of course, exceptions are made for specialized uses – some secret government systems probably still run Windows or other OS (possibly illicitly) if needed for compatibility. But publicly, Red Star OS is part of North Korea’s assertion of digital sovereignty. As one report quipped, they ditched “Windows 7 for a Mac OS rip-off,” since they can’t import real Macs due to sanctions.

Updates and Security Patches: A critical challenge in a sanctioned environment is maintaining software updates. Microsoft, Google, and Apple regularly provide security patches – but if you’re cut off, how to get them? In practice, many Iranian and Russian users still received updates through various means. For instance, Windows Update services were not immediately blocked for Russian IPs after sanctions (likely to avoid creating a massive botnet risk), so Windows 10/11 machines might still pull updates from Microsoft servers. If that stops, users can use VPNs or download update files manually from mirrors. Similarly, Android phones in Iran can’t access Google Play for updates, but they rely on third-party app stores or direct APK downloads to keep apps updated. It’s cumbersome and may lead to outdated software running, which raises cybersecurity concerns. Russian companies like Kaspersky have warned that without official patches, Russian systems could become vulnerable, which is indeed a worry echoed by experts. That concern is partly driving the push to switch to systems that Russian teams can patch or support internally (hence moving to open-source Linux, where local IT staff can at least apply fixes from global open-source updates). In North Korea, updates for Red Star are entirely controlled by the state – presumably, they incorporate security patches at their discretion (though a research in 2016 found some outdated components in Red Star, implying patching might be slow).

Mobile Operating Systems: On the smartphone side, the picture is slightly different but related. Android (Google) and iOS (Apple) are the two dominant mobile OS globally. Under U.S. sanctions, neither Google nor Apple distributes their mobile services in Iran or North Korea, and Apple halted services in Russia. Iranians have used Android phones widely – often from brands like Samsung, Huawei, Xiaomi. Since 2018, Google has intermittently restricted Iranian users’ access to certain apps (e.g. removing Iranian bank apps from Google Play). As a result, Iran’s tech community created those alternative app stores (like Cafe Bazaar) to host Android apps, including an entire ecosystem of Iranian apps that never required Google’s approval. Android itself being open-source (AOSP) can be used freely; it’s Google’s proprietary apps (Gmail, Maps, Play Store) that are withheld. Iran’s “homegrown Android OS” project at Sharif University, mentioned earlier, basically forked AOSP to create an Iranian Android variant that could run on local brand phones (GLX) without needing Google support. The ICT minister touted that “Google cannot remove the Iranian operating system” and that Iranian developers can release apps without fear of U.S. sanctions on that platform. In practice, GLX phones with that OS are a tiny niche; most Iranians with Android simply use international versions and install apps via Bazaar. But if Google ever completely blocked Android functionality, Iran has a partial fallback ready.

Apple’s iOS devices (iPhones) present a tougher scenario since Apple’s ecosystem is closed. Officially, Apple has not sold iPhones in Iran or North Korea at all (ever), and it stopped sales in Russia in 2022. Yet, iPhones are still present in these countries via gray markets. In Iran, an estimated several million iPhones are in use, all activated outside or with foreign Apple IDs. When Apple, citing sanctions, disabled Iranian apps and even temporarily cut off iOS devices in Iran in 2018, it caused uproar. (At one point in 2019, Iran’s minister claimed 350,000 iPhones were “turned off” in Iran due to Apple’s measures – though details are murky.) To cope, Iranian iPhone users rely on app distribution services like Sib (SibApp) which uses enterprise certificates to load apps onto iPhones without the official App Store. The image below illustrates this adaptation:

Apple’s App Store (top) is officially not accessible in Iran, so developers created “Sib” (bottom), an Iranian app store for iOS. Sib means “apple” in Persian and uses an apple logo, offering Iranian iPhone users a way to download apps despite Apple’s geo-restrictions.

For Russia, Android phones remain available (via Chinese brands and parallel import of others), but new Android devices sold in Russia no longer come with Google Mobile Services fully functional if they are models introduced after sanctions – Google has restricted Play Store payment services, etc. Russia had begun developing a Linux-based mobile OS called Aurora OS (derived from Jolla’s Sailfish OS, which a Russian telecom firm acquired). Aurora is targeted for government and corporate use (for secure phones), not mass-market. There were pilot programs to supply civil servants with Aurora-based devices to avoid Android/iOS reliance. Still, the vast majority of Russians continue using Android (approx. 80% share) and iOS (around 15-20% before 2022) through parallel import. The difference is they might not get timely OS updates or certain apps might not work due to sanctions. For example, Apple Pay and Google Pay were shut off for Russian bank cards in 2022, rendering the tap-to-pay feature on phones unusable with domestic banks. Russians turned to the domestic “MIR Pay” or bank-specific QR payment apps as a workaround (more in Fintech).

In North Korea, smartphones exist (the Arirang, Pyongyang, and other models) which run Android but completely stripped of Google and with a modified interface in Korean. Those phones are produced by importing Chinese hardware kits and loading a state-customized Android OS that likely includes surveillance features. There is no concept of an “app store” for North Korean phones accessible to users; they come pre-loaded with apps and any new apps (like a dictionary or game) must be installed by technicians at service centers, with approval. Hence, OS and software updates on NK phones are entirely centrally controlled.

Productivity and Office Software

Beyond operating systems, another key software domain is productivity tools – office suites, email clients, design software, programming IDEs, etc. Microsoft Office, Adobe Creative Cloud, AutoCAD, and similar U.S. products are industry standards globally, but sanctioned countries often lose legal access to them.

Office Suites: Microsoft Office is widely pirated in Iran and North Korea. In Russia, until recently many organizations still legally bought Office, but now those licenses can’t be renewed. The Russian alternative MyOffice (a locally developed office suite compatible with MS formats) has been promoted for government use. Some Russian schools and agencies started installing MyOffice to replace MS Word and Excel. Likewise, LibreOffice (open-source) has gained users in these countries as a free substitute. Iran’s state agencies have attempted to shift to open-source office suites at times to avoid reliance on U.S. software (and to respect copyright since they technically shouldn’t use pirated copies either). However, adoption is uneven – many employees still find MS Office easier due to familiarity, so pirated copies persist. By one estimate, Microsoft’s Office products still held 50–60% share in Russia as of 2023, with the rest on alternatives. That is expected to tilt as updates cease. A notable anecdote: in 2022, soon after sanctions, Russian search queries for “Excel download” jumped by 650%, indicating people scrambling to grab a copy before it became unavailable. This underscores how ingrained Western productivity software is, and the friction in replacing it.

Email and Collaboration: Corporate email servers like Microsoft Exchange or Google Workspace are also affected. Russian companies that used cloud-based Microsoft 365 had to migrate data to self-hosted mail or to Russian services (like Yandex Mail for Business or Mail.ru for Business). The Russian government itself moved many domains to GosSOPKA, a state-run email system, or simply mandated the use of domestic email servers. Iran similarly ensures government emails run on .ir domains and local servers (part of the National Information Network). For day-to-day emailing, ordinary people use whatever is available – Yahoo Mail, Gmail (accessible via VPN in Iran), or local email providers.

Creative Software: Adobe’s suite (Photoshop, Illustrator, Premiere, etc.) is heavily used by designers and media professionals worldwide. Adobe cut off Russian and Belarusian access in 2022 and long has restricted Iran. The result: designers either stick with older pirated Adobe versions or switch to alternatives like CorelDRAW (Canadian) or open-source GIMP/Inkscape for images, DaVinci Resolve for video editing, etc. In Iran, there are even a few indigenous graphics software, but none on Adobe’s level of adoption. Often, training institutes in these countries still teach Photoshop and 3ds Max (for 3D modeling) using pirated software because that’s what the industry outside uses. It’s a risk if those tools get updates that locals can’t obtain, but in practice the creative community finds cracks. For instance, Russian torrent sites saw spikes in downloads for Adobe and Autodesk software after the official channels closed.

Software Development Tools: Developers rely on tools like GitHub, npm (Node package manager), PyPI (Python packages), etc. As noted, GitHub had a hiccup but is now accessible. Package repositories are generally open, although there were some incidents of U.S. maintainers geoblocking downloads from Russia (quickly criticized by the open-source community). To mitigate any future risk, Russia started hosting mirrors of popular repositories (there’s talk of a “national GitLab” instance). Iran, which faces more persistent blocks, often uses mirror sites and proxy repositories. An interesting case: when Google limited access to some of its developer services in Iran, the Iranian tech community responded by creating local mirrors. For example, they cloned the npm package repository so developers could fetch libraries without connecting to foreign servers that might be blocked. These mirrors are part of the effort to build a self-sufficient intranet.

Case: Red Star OS Software – North Korea’s Red Star comes bundled with its own productivity apps. It has a word processor (derived from OpenOffice), a calendar, an email client, etc., all with Korean-language support and tailored for offline use. It even includes a program for composing music and some educational tools. Of course, these are all meant for very limited use cases (like writing reports for the government). Any advanced professional software (e.g., CAD programs for engineers) in NK likely has to be obtained illicitly or in outdated form. They might still be running a cracked AutoCAD 2004 on some lab computer, for example, if needed for a project, since updating to latest is impossible.

To summarize, in the realm of OS and productivity software, open-source solutions and piracy are the predominant coping mechanisms. Governments try to foster domestic OS projects (Astra Linux, Zamin, Red Star) to replace Windows/macOS, with mixed success. And for everyday office work, they either develop local software (MyOffice in Russia) or accept the widespread unlicensed use of Western software because it keeps businesses running. The table below gives a high-level comparison of OS strategies:

Table 3: Operating System Alternatives and Usage

Platform Western Product Iran’s Approach Russia’s Approach North Korea’s Approach
Desktop OS Microsoft Windows, Apple macOS Mostly pirated Windows (80%+ share); limited adoption of local Linux (Zamin OS trial) Still majority Windows (pirated after 2022); Government switching to Astra Linux, Red OS, ALT (Linux distros) Red Star OS (Linux-based) on official PCs; Windows/macOS usage only by elites (illegally)
Mobile OS Android (Google), iOS (Apple) Android widely used via Chinese brands; Google Play blocked → use Cafe Bazaar app store; Local Android fork developed for GLX phones. iPhones used via grey market (no local iOS, use of Sib app store). Android phones available (mostly Chinese; Google services limited); Developing Aurora OS (Sailfish-based) for govt phones. iPhones via parallel import; Apple services (Pay, Store) disabled in Russia. Android-based domestic phones (no Google apps) with tightly controlled app installs. Virtually no Apple device usage except smuggled ones by top officials.
Office Suite MS Office 365 MS Office pirated; some use LibreOffice. No major local suite (older “Saray Office” existed). MS Office widely pirated after license ban; MyOffice suite promoted for public sector; LibreOffice also used. Red Star includes office apps (Korean OpenOffice); any MS Office use is unofficial.
Design/Media Adobe Creative Cloud, AutoCAD, etc. Pirated Adobe, Corel, etc. used in industry. Few local graphics programs exist. Pirated Adobe/Autodesk by freelancers; some shift to alternatives (Affinity, etc.). Govt encouraging local software but none on Adobe’s level. Very limited – state media uses whatever tools they have (likely older cracked versions). Red Star has basic image/audio editors.

(Sources: market share data from StatCounter, reports on Astra Linux, Business Insider and Tehran Times on Iran’s OS efforts, etc.)

Despite the challenges, it’s notable that none of these countries have been “technologically paralyzed” by the lack of official Windows or Office support. They find a way to keep the lights on – whether through unsanctioned copies or alternative systems. However, the cracks in the facade may grow over time: running outdated software or less polished local OSes can reduce efficiency and increase security risks. Russia and Iran will need to significantly improve their domestic software quality if they are to permanently wean off Western products. North Korea, by essentially freezing its tech environment in a walled state, avoids comparison but also lags far behind modern capabilities.

Cybersecurity and Digital Defense

Sanctions influence not just consumer tech but also the cybersecurity posture of a country. With limited access to the latest security products and updates from Western firms, sanctioned states have had to bolster their own cybersecurity industries and sometimes take a different approach to digital defense. Additionally, as mentioned earlier, these states engage in offensive cyber operations, which indirectly helps them procure data and software. In this section, we focus on how Iran, Russia, and North Korea manage cybersecurity and what innovations or issues arise from being cut off from mainstream security ecosystems.

Indigenous Cybersecurity Firms and Tools

Russia historically has a strong cybersecurity sector – Kaspersky Lab being the prime example of a globally recognized Russian antivirus company. Even though Kaspersky’s software is now banned from U.S. government use due to security concerns, it remains a top antivirus product worldwide (though its reputation took a hit and some Western users dropped it after 2022). Within Russia, Kaspersky and other local firms like Doctor Web and Positive Technologies provide much of the security software for businesses. Positive Technologies was actually sanctioned by the U.S. in 2021 for alleged ties to Russian intelligence, but it continues to operate domestically and even expand in Asia. The takeaway is Russia can rely on its homegrown antivirus and cybersecurity service companies to fill the gap if U.S. firms like Symantec or Microsoft (Windows Defender) aren’t available. The government also has research institutes dedicated to cryptography (using Russian GOST cryptographic standards) which are built into domestic software. The challenge is more in updates and threat intelligence: previously, Russian and Western researchers freely shared malware information at conferences. Now cooperation is reduced, and Russian experts lean on alliances in BRICS or others for that exchange.

Iran’s cybersecurity industry is less globally known but has been developing out of necessity. Iran faces constant cyberattacks (e.g. Stuxnet in 2010, repeated waves of malware on infrastructure), so the Revolutionary Guard and other bodies set up cybersecurity units and encouraged local tech companies to produce defense solutions. There are Iranian antivirus programs (like “Padvish”) and firewalls created within Iran. The quality is uncertain when compared to global products, but they exist. Iran also benefits from being able to import or copy some technologies from countries like China – for instance, Iran’s nationwide internet filtering system (some call it the “Halal internet”) is rumored to use Chinese-made DPI (Deep Packet Inspection) equipment similar to what the Great Firewall uses. So for cybersecurity, Iran often combines local talent with imported solutions from non-Western sources.

North Korea’s approach to cybersecurity is mostly offensive (their hackers) and internal security. They have a very limited number of computers to secure (given the closed network), so they likely just physically isolate critical systems. Red Star OS, as noted, has built-in features to monitor files and connections on North Korean machines – effectively a security measure to prevent unauthorized activity. It even has its own anti-virus tool (the effectiveness of which is unknown, but it’s probably meant to catch any foreign malware that might slip in via USB). For external threats, since North Korea’s internet presence is so small (only a few dozen websites and a few gateways), it can disconnect quickly if needed. Ironically, North Korea may have the “best” defense by virtue of its isolation: a piece of ransomware or virus cannot rampage through North Korean networks the way it could elsewhere, because those networks are mostly disconnected from the world.

Handling of Vulnerabilities and Patches

When a new critical vulnerability (say in Windows or Cisco routers) is discovered, Western companies issue patches. In sanctioned countries, applying those patches might be delayed or impossible if the vendor blocks the region. For example, after Russia’s invasion, some Western tech companies considered withholding security updates as part of the pressure campaign. This raised ethical concerns because letting systems go unpatched could harm civilians or be exploited by criminals. Generally, most vendors did continue basic security patches (to avoid collateral damage). But in cases where they did not, the sanctioned countries have had to get creative. They might rely on open-source disclosure of the vulnerability and then apply unofficial fixes. For instance, if a major Linux vulnerability (open-source) comes out, Russian and Iranian sysadmins can patch it because the code and fix are publicly available. If it’s a proprietary system like Oracle Database, and Oracle has cut off support, then users might be stuck running an old version with known holes. One solution is to replace such software with open-source alternatives to regain control of patching.

Russia has increased efforts to audit and fork open-source projects to ensure they can maintain them independently. There was talk of a Russian repository for critical open-source components – partly in case Western sanctions try to restrict even open-source flows (which is hard to do legally, but trust eroded). In Iran, after some past incidents (like when Google Code and other services were cut off), they similarly mirror crucial libraries and tools domestically so that even if cut off, development can continue. This is more about software development than end-user security, but it overlaps – a secure system requires up-to-date components.

Another aspect is hardware security. Both Iran and Russia cannot easily get the latest security appliances (like high-end firewalls from Palo Alto Networks, or secure routers from Cisco). To compensate, they use a combination of older gear, possibly imported under-the-table, and increasing use of Chinese or local-made network equipment. Huawei, for example, supplied a lot of networking gear to Russia’s telecom sector after Western companies withdrew. Huawei’s equipment comes with its own security considerations (some fear backdoors accessible to Beijing), but from Russia’s view it’s a trade-off they accept to keep networks running. Similarly, Iran’s major telecom backbone is known to have Huawei and ZTE components due to sanctions on Western telecom equipment.

Cyber Offense and Evasion

We discussed offensive hacking earlier as a government strategy to steal tech and money. Here, from a security standpoint, it’s worth noting that sanctioned countries often blur the line between criminal hacking and state operations. For example, Russian ransomware groups or Iranian hacker collectives might operate with semi-official blessing as long as they target foreign entities. This can be seen as a form of asymmetrical response to their tech isolation – if they can’t buy some software, maybe they’ll try to hack into the company that makes it and steal the source code. There have been instances of Iranian hackers breaking into software companies or universities to grab research and software licenses, essentially bypassing export controls by theft.

North Korea’s Lazarus Group not only steals crypto but also has stolen software code (like from South Korean firms) to reuse in their own programs. Lazarus even created a fake cryptocurrency app to distribute malware – showcasing significant software engineering skill inside NK. Those skills likely feed back into domestic tech development in subtle ways.

Sanctions Evasion in Cyber: On the flip side, these countries also have to defend against inbound cyber threats which might be exacerbated by sanctions. For instance, if Iran can’t easily get the latest security updates, that makes it a more attractive target for cyberattacks (from hostile states or cybercriminals). They know this, so they put more effort into defense in depth – segmenting networks, using offline systems for critical infrastructure, etc. Also, because sanctions sometimes limit direct cooperation, Iran and Russia share a lot of notes with each other and with China on cyber defense tactics. There have been joint cybersecurity drills between Russia and its allies, and Iran holds an annual conference on cyber defense inviting like-minded nations. These are ways to compensate for being shut out of Western-led security forums.

National Cyber Emergency Response: Russia and Iran have their versions of CERT (Computer Emergency Response Team). Russia’s CERT (called FinCERT for financial sector, and another for government) coordinates responses to big incidents. In 2022, facing a deluge of Western hacktivist attacks (like Anonymous hitting Russian sites), Russia isolated government networks from the internet and focused on quickly patching or blocking attack vectors. Sanctions didn’t directly cause those attacks, but the geopolitical situation did. The ability to disconnect (via the sovereign internet tools) was essentially a defensive measure.

Iran faced waves of cyberattacks as well (like the train system hack in 2021). In response, they sometimes disconnect critical systems from global connections entirely (e.g., nuclear facilities are air-gapped). The irony is that sanction-induced isolation can increase security in certain cases by default – systems not connected to the outside are harder to hack remotely. But it decreases security in other ways by hindering updates.

Human Factor: One cannot ignore the impact of sanctions on the human talent in cybersecurity. In Russia, many top IT and security professionals left the country after the war started (a “brain drain”). This hurts their cybersecurity readiness long-term, as fewer experts remain to combat threats. Iran similarly has seen some brain drain of IT experts, although many also stay and are patriots working in government cyber units. North Korea ensures to keep its cyber talent tightly bound, often dispatching them abroad but under state control. That actually helps NK – their hackers get exposure to new systems outside and bring knowledge back.

To sum up, cybersecurity under sanctions becomes more nationalized and insular. These countries try to build a complete security apparatus internally, from antivirus software to firewalls to skilled personnel. They succeed to varying degrees (Russia likely most, NK only for government needs). They also leverage their “offensive security” prowess to compensate for deficiencies in “defensive security” technology they can’t buy. Each has so far avoided a catastrophic cyber meltdown despite limited Western support – which itself is a testament to their adaptive strategies.

Fintech and Digital Finance

Modern finance is heavily digitized, and U.S. sanctions directly target financial connectivity – cutting banks off from SWIFT, blocking payment companies, etc. Thus, fintech and payments is a domain where Iran, North Korea, and Russia have made significant adjustments to operate without U.S. platforms like PayPal, Visa/Mastercard, or global payment networks. We will examine how everyday transactions, online shopping, and larger-scale financial transfers work under sanctions, and what domestic or alternative systems have arisen.

Banking and Payment Networks

Perhaps the most disruptive sanctions measures are those against banks: for instance, Iranian banks have been disconnected from SWIFT (the international banking messaging network) since 2012 (with a brief reprieve during the 2015 nuclear deal), and major Russian banks were cut off from SWIFT in 2022. In response, both countries had prepared alternatives. Russia developed SPFS (System for Transfer of Financial Messages), a SWIFT-like system for Ruble transactions, after 2014. Post-2022, SPFS usage surged – by 2023 it handled the majority of interbank messages domestically and was connecting some foreign banks (notably in former Soviet states and recently Iranian banks) to enable cross-border payments with Russia . Iran likewise built a messaging system that recently got linked with SPFS, allowing Iranian and Russian banks to send payment orders bypassing SWIFT in USD or EUR (they likely transact in Ruble or Rial or through conversion to Yuan).

On the consumer side, when Visa and Mastercard pulled out, it was a huge change. In March 2022, Visa and Mastercard ceased operations in Russia – Russian-issued cards stopped working abroad and foreign-issued cards stopped working in Russia. Russia’s answer was the Mir card network. Mir is a domestic card payment system launched in 2017 (after the 2014 sanctions as a precaution). By 2022, Mir cards were issued by all major Russian banks and could handle Ruble transactions inside Russia normally. The government pushed public sector employees and pension recipients onto Mir cards swiftly. To regain some international acceptance, Russia sought partnerships: MIR-UnionPay co-badged cards were issued, since China’s UnionPay was one network still open to Russians. This allowed limited use in countries where UnionPay is accepted (e.g. Turkey initially accepted Mir, but later some banks stopped under U.S. pressure; a few places like Belarus, Armenia, and some Vietnam banks still honor Mir). There are ongoing efforts for Mir to be usable via QR in countries like Iran and China. Essentially, Russia is creating a parallel payment ecosystem with friendly nations.

Iran has been cut off from Visa/Mastercard for decades, so it developed a robust domestic banking system. Iranian bank cards all operate on the Shetab network, an interbank system inside Iran that allows ATM withdrawals, debit transactions, and local online payments. Iranians use Shetab-linked debit cards for everything inside the country. For online purchases (e-commerce in Iran), they use payment gateways like ZarinPal, which is an Iranian equivalent to PayPal for local currency transactions. ZarinPal and others enable e-commerce sites to accept Shetab card payments easily (since they can’t use Visa or PayPal). To give an idea, ZarinPal essentially brought safe online payments to Iranian e-commerce in the 2010s, mirroring PayPal’s role. The Business Insider image earlier showed PayPal’s site vs ZarinPal’s site, highlighting how closely they parallel each other in concept and design.

For sending money abroad or receiving money, Iranians and Russians both have turned to informal methods. Crypto is one (as discussed previously). Another is the ancient system of hawala or money changers – e.g., an Iranian wishing to pay for something abroad might give rials to a local exchanger who then instructs an associate in Dubai or Turkey to pay the beneficiary in dollars or other currency. These “underground remittances” flourished as formal channels closed.

North Korea is basically cut off from global finance entirely. It doesn’t have debit cards or any connection to Visa/Mastercard for its citizens. The country operates on cash domestically (North Korean won), and for foreign trade it uses whatever it can: wire transfers through Chinese banks under aliases, cash smuggling, gold, and increasingly, cryptocurrency for secret transactions. North Korea reportedly even started its own local cryptocurrency (though it would have no international value) and has been mining bitcoin to build reserves. For the elite in Pyongyang, there are perhaps “foreign cash cards” – anecdotal evidence suggests certain stores accept foreign currency or special cards loaded with foreign currency (possibly managed by a bank in China). But for the common person, these modern fintech concepts are nonexistent.

Digital Banking Apps and Mobile Payments

In Russia before sanctions, Apple Pay and Google Pay were popular in big cities. When those were disabled, Russians resorted to alternatives: MIR Pay (a NFC payment app for Mir cards on Android phones) and SBPay (Sberbank’s own mobile wallet) gained users. The Central Bank also heavily promoted its Fast Payment System (FPS) – a QR-code based instant payment method that allows people to pay merchants by scanning a QR (the money moves directly bank-to-bank, circumventing card networks). FPS usage indeed spiked when cards were in flux. This is similar to how China’s Alipay/WeChat Pay use QR codes, and Russia learned from that model. By 2023, one could pay at many retail stores in Russia either with a Mir card tap or scanning a QR code for FPS, mitigating the loss of Visa/MC.

Iran has had mobile payment apps for a while – every bank offers a smartphone app that lets you do intrabank transfers, pay bills, etc. Additionally, local fintech startups like Cafebazaar’s “SnappPay” (part of the Snapp super-app) or Behpardakht facilitate easier mobile payments. Because Iran’s banking is isolated, they leapfrogged in some areas: for example, Iran implemented a domestic card-to-card transfer system via phone that’s very instant, something Western countries only got recently via things like Zelle. This means an Iranian can send money to a friend by just knowing their card number, using a mobile app, and it’s done in seconds across banks – a response to the need for internal efficiency since external options are barred.

For online commerce, aside from ZarinPal, there’s also Pep, IdPay, and others – gateways that handle the transaction and settlement entirely in Iran. These have enabled a vibrant e-commerce scene which we’ll cover in the next section.

North Korea doesn’t really do digital banking for citizens. Mobile money does not exist there publicly. There were reports a few years ago of a kind of pre-paid card called “Narae” that North Koreans in Pyongyang use to pay at certain stores – it’s loaded with either hard currency or domestic funds and swiped. But that’s more a replacement for carrying cash, not an internet-based system.

Cryptocurrency and Barter

Sanctions have pushed Iran and Russia to consider cryptocurrency for international trade. In 2022, Iran made its first official import order paid via crypto – about $10 million worth – as a pilot to bypass banking restrictions. Iran has also permitted crypto mining domestically (Iran has cheap electricity, so mining became big until crackdowns due to blackouts). Those mined bitcoins can then be used by the government or companies for foreign purchases. Russia too, after initial hostility to crypto, moved toward legalizing its use for cross-border settlement. By 2023, legislation was in the works in Russia to allow certain businesses to pay foreign trade partners in crypto under an “experimental” regime. The idea is if a Russian exporter and an importer in a neutral country want to trade outside SWIFT, they could agree to use a stablecoin or crypto token that is converted to rubles/rupees/etc on each end. We see early instances of this especially with Russian trade with countries like India and China using local currencies or crypto as they try to de-dollarize transactions.

North Korea, as mentioned, extensively uses crypto but in illicit ways – stealing it or extorting it via ransomware, then laundering it (often through mixers and shifting through China) to eventually turn into cash or goods for the regime.

Barter trade has also increased as a fintech workaround in a broader sense. For example, Iran has a deal to trade oil for goods in a barter-like mechanism (as noted in search results, China swapping cars for Iranian copper, etc.). While not “digital,” this bypasses conventional finance entirely. Russia under sanctions revived a sort of barter with some African countries – trading grain for commodities without money changing hands in dollars.

All these measures indicate a shift: sanctioned countries are trying to build an alternative financial plumbing that doesn’t rely on Western-controlled intermediaries. They are combining decades-old methods (barter, cash, gold) with cutting-edge ones (cryptocurrency, CBDCs). Russia’s Central Bank even floated the idea that its new digital ruble (a central bank digital currency) could one day facilitate transfers with countries like China, forming a SWIFT-free payment network. It’s still theoretical, but it shows the thinking: maybe blockchain and state digital currencies can create a new international payments ecosystem resistant to sanctions.

For now, the practicality is limited. The majority of Iranian and Russian international trade still ultimately involves currencies like the Yuan, Euro, or Dirham (UAE) with complicated exchange arrangements. But the groundwork for an alternative system is being laid, and sanctions were the catalyst accelerating it.

Everyday Impact: For the average Iranian, being cut off from Visa/Mastercard mainly means if they travel abroad or want to subscribe to a foreign service, they can’t use their bank card. Some obtain foreign-based cards via relatives or acquire gift cards. In Russia, travelers post-2022 had to carry cash or get UnionPay cards because their Russian cards wouldn’t work abroad. Domestically though, both countries ensured replacements (Mir, Shetab) were in place so daily life like ATM withdrawals and point-of-sale purchases continued with minimal interruption. North Koreans have no expectation of international finance, so daily life is all cash and government-issued coupons; ironically they felt no shock because they never had modern banking.

E-Commerce and Online Services

Sanctions impact e-commerce both in terms of platform access (Amazon, eBay, etc.) and logistics/payment (getting goods delivered, paying for them). We’ve seen how payments were handled; now we look at how Iran, Russia, and North Korea manage online shopping and digital services without Western e-commerce giants. Additionally, we cover related consumer tech sectors like ride-hailing, online travel booking, and other apps that often tie into e-commerce.

Domestic E-Commerce Platforms

Iran: Iran has a thriving internal e-commerce market with no involvement from Amazon or eBay. The flagship is Digikala, often dubbed “Iran’s Amazon.” Founded in 2006, Digikala grew to become the largest online retailer in Iran, selling everything from electronics to apparel across the country. It functions much like Amazon – users order on the website/app, and Digikala’s delivery network ships to their door, with payment on delivery or via Iranian online payment. Digikala’s success was possible because Amazon never entered Iran due to sanctions; local entrepreneurs filled the gap. By late 2010s, Digikala was valued at around $1 billion (a unicorn in Iran’s startup scene). Another major platform was Bamilo, a marketplace that Rocket Internet (a European company) briefly ran in Iran during the sanctions relief period, but it closed when sanctions snapped back. Nonetheless, Digikala and others like Torob (a price-comparison and marketplace aggregator) ensure Iranians can shop online domestically for most items. For daily needs, there’s also SnappMarket (groceries, integrated with Snapp), and Divar which, as mentioned, is Iran’s Craigslist allowing peer-to-peer sales of used goods.

One challenge is Iranians cannot easily buy from international online stores (Amazon doesn’t ship to Iran; even if you found a way to pay, shipping is blocked or prohibitively expensive). To get around this, a small industry of package forwarders or “importer shops” exists – someone in Iran might order via a contact in an intermediate country (like UAE) who buys the item on Amazon and then couriers it to Iran. But this is not mainstream, used only for specialty items.

Russia: Before 2022, Russians could and did order from AliExpress (Chinese), eBay, and even Amazon (though Amazon had no Russian arm, some Russians ordered from Amazon.de or .com for international shipping). After sanctions, shipping became tricky (many carriers stopped service, cards didn’t work, etc.). The gap, however, wasn’t huge because Russia already had strong local e-commerce: Ozon.ru and Wildberries are the top two home-grown marketplaces. Ozon is akin to Amazon with a broad range of products and fulfillment centers; Wildberries started with fashion and expanded to general merchandise, and interestingly Wildberries has expanded to some other countries as well. Yandex.Market is another major player (originally a comparison site that became a marketplace). Also, AliExpress Russia was a joint venture between China’s Alibaba and Russian partners, which continues to operate, focusing on cheap Chinese goods delivered to Russia. Post-sanctions, Chinese sellers on AliExpress became even more important to supply things that Western brands withdrew – for example, consumer electronics from Chinese brands fill the void of Western brands, sold via AliExpress or local sellers.

In travel booking (a form of e-commerce), Russia had to replace Booking.com and Airbnb which both suspended operations in Russia. Russians turned to Ostrovok (for hotels) and Tinkoff Travel or Aviasales for flights. The government is also pushing a platform called MirTravel that integrates with Mir payments and offers hotel booking (focusing on domestic tourism due to limited international flights). For ride-hailing, Yandex.Taxi (now part of Yandex Go super-app) was already more popular than Uber in many Russian cities; Uber actually exited Russia by merging its operations with Yandex.Taxi a few years ago. So ride-hailing continued largely unaffected. Citymobil is another local rideshare that operates in some Russian cities.

North Korea: There is basically no e-commerce for the average person. A very limited experiment was reported where in Pyongyang some people could use a mobile phone service to order groceries or takeout, but it’s unclear how widespread or if it still exists. Possibly a service through the intranet for privileged users to order from state department stores for delivery might have been tested (especially during Covid lockdowns, maybe). But by and large, commerce in NK is physical – in markets using cash or coupons. Any “online service” tends to mean state propaganda content delivered over the intranet.

Case Studies and Visuals

We’ve already highlighted Snapp in Iran as a case study in ride-hailing and super-app success under sanctions. Another Iranian case is Tap30, a competitor to Snapp that holds the other 15% of the ride market. Both Snapp and Tap30 survived despite being removed from app stores, by using progressive web apps and local app distribution. Their existence has improved mobility in Iranian cities – an example of sanctions inadvertently fostering domestic innovation (if Uber could operate in Iran, local startups might not have grown as much).

For e-commerce, the comparison between Amazon and Digikala is often made. Digikala modeled itself on Amazon down to features like user reviews and product recommendations. The Business Insider piece placed Amazon’s homepage and Digikala’s homepage side by side, noting Digikala functions largely the same way as Amazon. Iranian consumers adapted to using Digikala for reliable delivery and selection.

In Russia, Wildberries is an interesting case – founded by a Russian woman, it became one of Europe’s largest e-commerce companies by volume. It thrived even before sanctions, but with Western retailers leaving (Zara, H&M closed stores, etc.), more Russians turned to ordering clothes on Wildberries. Wildberries has a network of pickup points and lockers across Russian cities (since home delivery to apartments can be tricky without concierge, many Russians pick up parcels from nearby lockers or stores). This network helped fill the gap left by shuttered Western retail.

The table below provides a snapshot of e-commerce platform parallels:

Table 4: E-Commerce and Service Platforms – West vs. Sanctioned Country Equivalents

Service Type Western Platform Iran’s Equivalent Russia’s Equivalent North Korea’s Equivalent
General E-Commerce Amazon, eBay Digikala (Amazon-like); Divar (classifieds like Craigslist) Ozon, Wildberries (Amazon/eBay-like marketplaces) None (physical markets only)
Niche E-Commerce – (various) Bamilo (defunct marketplace once run during sanction relief) AliExpress Russia (joint venture for Chinese goods) None
Ride-Hailing Uber, Lyft Snapp (“Uber of Iran”, 85% market); Tap30 (competitor) Yandex.Taxi (dominant, merged with Uber’s local ops); Citymobil Limited (traditional taxis only)
Food Delivery UberEats, DoorDash SnappFood (formerly ZoodFood, part of Snapp) Yandex.Eats, Delivery Club (local apps for food delivery) None (no online food delivery)
Travel Booking Booking.com, Airbnb SnappTrip (Iranian Expedia-equivalent) for hotels/flights; local agencies manually Ostrovok (hotels); Twill (former Airbnb clone); Aviasales (flights) None (state tourist bureau only)
Classifieds Craigslist, eBay (used) Divar (peer-to-peer sales platform) Avito (major classifieds site in Russia) None (physical markets instead)
Online Payments PayPal, Stripe ZarinPal (local PayPal); IDPay, etc. YooMoney (formerly Yandex.Money e-wallet); QIWI (e-wallet/kiosk system) None (cash only society)

This table illustrates how Iran and Russia built out nearly every category of online service domestically – sometimes with multiple competing providers – whereas North Korea essentially has no counterparts due to its restricted environment.

A note on Russian fintech/e-wallets: YooMoney (formerly Yandex.Money, now majority-owned by Sberbank) is a popular online wallet Russians use for digital payments, much like PayPal. It was originally a joint venture with PayPal rival attempts. Also QIWI is a Russian payment company known for its cash top-up kiosks and virtual Visa cards; it allowed people without bank accounts to participate in e-commerce by feeding cash into a machine and getting a prepaid card. QIWI had issues with sanctions too (the U.S. sanctioned a QIWI co-founder for connections to an individual, but not the whole company). These tools became more prominent after Visa/Mastercard left – e.g., Russians could still use QIWI virtual cards within Russia or certain allowed transactions.

North Korea’s innovation here might be in logistics rather than digital. They have a decent physical delivery network for government purposes (Korea Post is active). But nothing like an “app to order stuff.” That said, it’s worth mentioning that black markets in NK sometimes take “orders” informally – one could tell a trader they want a certain Chinese appliance, and that trader when next traveling to China will try to bring it. It’s all offline and based on trust, a far cry from the digital convenience in other places.

Impact of Sanctions on Availability of Goods

One aspect of e-commerce under sanctions is that the selection of goods can be limited. For instance, on Digikala in Iran, you won’t find the latest Apple iPhone sold officially; instead, you might find it via third-party sellers at a markup, or more likely not listed at all and only found on grey markets. Similarly, Russian e-commerce sites had to delist products from brands that stopped shipments (e.g., new Apple or Dell laptops). They replaced them with alternatives: more Chinese brands or Russian-assembled ones. For example, the Russian government encouraged retailers to stock Azeri, Turkish, Chinese electronics to replace Western ones. In clothing, when Western brands left, Wildberries started promoting Russian apparel brands or imports from Turkey/China. In many ways, the e-commerce companies themselves became agents of import substitution – they had to source non-sanctioned inventory to keep sales up.

For Iran, sanctions on many categories of goods (like luxury items, electronics) mean domestic e-commerce often deals in unofficial imports. Many smartphones or laptops sold on Digikala are imported by small companies through unofficial channels, since HP or Samsung cannot officially sell to Iran. This can raise prices and complicate warranty/repair, but Iranians have adapted.

Digital goods and services are also impacted: Iranians and Russians can’t directly buy software or subscriptions from Western providers (no Netflix, no Spotify payments, etc.). They find workarounds – like buying gift cards via third countries, or using a family member abroad’s account. But local substitutes pop up here too: Iran has a filmmaking and streaming industry (e.g., Namava and Filimo are Iranian streaming platforms producing original shows for Iranian audiences, stepping in since Netflix can’t), and Russia boosted Kartina.TV and other Russian streaming services for movies. Music streaming in Russia is served by Yandex Music and VK Music, which gained even more users after Spotify pulled out in 2022. Those services already existed but filled the void when the global players left.

Overall, e-commerce and online services in sanctioned countries show a pattern: where global platforms withdraw, domestic ones rapidly take over, often closely modeling the originals. This ensures continuity for consumers, though often with a smaller range of goods or maybe lower tech sophistication. Yet, some domestic platforms have become very sophisticated in their own right (Snapp and Digikala are as advanced as many Western apps). The absence of competition also sometimes leads to monopolies or less competitive pricing – e.g., if Wildberries and Ozon dominate Russian e-commerce, they have more pricing power without Amazon or eBay around. In Iran, Digikala’s dominance means sellers must work with it carefully. On the flip side, these local champions are a source of national pride and employment, demonstrating a kind of sanctions resilience in the consumer sector.

Education and Scientific R&D

Sanctions indirectly affect the realms of education, research, and development by limiting access to global academic resources, collaborations, and technology transfers. Despite these barriers, Iran, North Korea, and Russia all place heavy emphasis on STEM education and scientific advancement (especially for strategic industries). Here we discuss how these countries sustain education and R&D, including use of open information sources, creation of domestic educational platforms, and partnerships with non-Western institutions, amid sanctions.

Academic Collaborations and Research Access

Russia: Post-2022, Russian academia faced exclusion from many Western partnerships. For example, Russian institutions were suspended or expelled from programs like Horizon Europe (EU funding program), and scientists lost access to some international labs (CERN famously banned Russian scientists in 2022). In response, Russia pivoted to strengthening ties with China, India, and others for research. A report in 2023 noted China has become Russia’s largest scientific collaborator – Chinese co-authorship on Russian research papers jumped as Western co-authorship declined. Chinese defense universities increased research partnerships with Russian institutes since 2019, helping offset some Western tech shortfalls. So, a clear strategy is “Look East” for science – joint projects with China in aerospace, supercomputing, materials science, etc., where previously Russia might have worked with European or American labs. Also, Russia is trying to become more self-reliant in publishing: there were discussions to create Russian citation databases and journals so that if Western publishers boycott them, their scientists can still publish at home. (Western journals did debate barring new Russian submissions, but ultimately most decided against blanket bans, focusing only on not recognizing official Russian institutional affiliations in papers.)

Iran: Iranian scientists have long operated under constraints – they often cannot import advanced lab equipment or subscribe to expensive journals due to sanctions. However, Iran has invested in domestic research infrastructure in fields like nuclear science, aerospace, and biotechnology. Iranian universities encourage publication in international journals; Iran actually ranks fairly high in scientific output in the region. They achieved this partly by using tools like Sci-Hub – the illicit paper-sharing site created by a Kazakhstani student – which provided free access to paywalled research (ironically, the founder of Sci-Hub was once based in Russia, and such tools are used widely by researchers in sanctioned states who can’t pay or access journals otherwise). Additionally, Iran cultivated academic ties with countries like India, Malaysia, China, and Russia for student exchanges and joint research. For instance, many Iranian physics and engineering students pursue PhDs in Malaysia or India when visas to the West are difficult. Domestically, Iran launched initiatives like the Kharazmi and Khayyam scientific programs to support homegrown innovation. Sanctions have arguably fostered a strong problem-solving ethic – e.g., Iranian researchers made strides in nanotechnology and vaccine development, partially because they had to find self-sufficient solutions (as seen in Iran developing a COVID-19 vaccine when importing was tough).

North Korea: North Korea’s scientific R&D is almost entirely state-driven and focused on military goals (nuclear, missiles, etc.) with little civilian spillover. The country’s universities do teach science, but their labs are relatively isolated. They do receive some help from China – for example, some North Korean students quietly attend Chinese universities under false identities or low profile to learn advanced skills. There have also been joint projects with sympathetic researchers (though that’s rarer nowadays due to scrutiny). In terms of access to knowledge, North Korea’s intranet reportedly hosts an offline version of Wikipedia (probably heavily filtered) for educational use. And they may have digital libraries of foreign scientific texts obtained via hacking or open sources. The limitation is actual experimental capability – without imported equipment or materials, NK scientists sometimes work with outdated tools. They compensate by reverse-engineering what they can and focusing on theoretical work. Interestingly, North Korea has made surprising advances (like building parts of a nuclear program or satellite) which implies they either clandestinely acquired foreign tech or did quite a lot with limited resources.

Education Technology (EdTech) and MOOCs

Online education platforms like Coursera, edX, Udemy, etc., are largely U.S.-based. These have been restricted at times for Iran and others. For example, Coursera initially blocked users from Iran, Cuba, etc., on certain courses because of U.S. regulations. Over time, some of these restrictions eased slightly (e.g., allowing more courses but still excluding anything that teaches sanctioned software). Many Iranian and Syrian students turned to VPNs to take MOOCs or used friends’ accounts abroad. Recognizing the thirst for online learning, Iran developed a few local platforms – e.g., Faradars (offering Persian online courses in tech and engineering). Iranian universities also set up their own learning management systems for remote learning, especially during COVID, independent of Western tech.

Russia, in the wake of sanctions and the pandemic, boosted its national online education content. The Moscow Institute of Physics and Technology, for instance, created online lecture series in Russian for topics that students might have otherwise sought on Coursera. There’s also a “Open Education” platform (Otkrytoe Obrazovanie) consortium of top Russian universities offering MOOCs in Russian. So if Coursera were completely off-limits, Russian students have alternatives in their language. That said, prior to 2022, many Russians did use Coursera and similar, and some courses even had Russian subtitles. Now, they might face payment issues for certificates, etc., so more will shift to domestic resources.

Academic Exchange: Sanctions also limit travel for academic conferences or study abroad. Iranian scholars face visa hurdles for Western countries, so they more frequently attend conferences in Asia or do virtual conferences. Russians in 2022-2023 found it harder to attend Western conferences as some organizers banned institutional Russian participation. As a result, Russia started planning to host more domestic conferences and inviting friendly countries’ academics. The risk is intellectual isolation – without engaging with the top global scientific community, progress could slow or become siloed. To mitigate, scientists use arXiv (open preprint server) and other open channels to keep up, which fortunately remain open to all.

Brain Drain vs Brain Circulation: Iran and Russia worry about losing talent due to sanctions (e.g., an Iranian AI expert might move to Europe for better opportunities). Some policies, like improving local research funding or creating tech parks (Iran’s Pardis Technology Park, Russia’s Skolkovo), aim to provide incentives to stay. North Korea prevents brain drain by essentially not letting people leave freely, but in doing so, they sacrifice exposure to fresh ideas – except for the elite who are sent out under supervision.

Notable Achievements Despite Sanctions: It’s worth noting each country has had signature scientific achievements under isolation. Iran launched its own satellites, developed a domestic supercomputer, and made indigenous advancements in stem cell research. Russia, even with recent constraints, continues to have strong legacy in fields like nuclear physics and space (though partnerships like on the International Space Station are now uncertain, Russia has its own space infrastructure). North Korea obviously demonstrated nuclear capability and ICBM development – an R&D feat under heavy embargo (though aided by external clandestine help from Iran/Pakistan in early stages, it later continued internally).

Sanctions can also redirect R&D focus towards military or strategic sectors at the expense of consumer tech. We see this in Iran and North Korea especially: a lot of innovation goes into missiles, drones (Iran has become a drone powerhouse – those drones now being exported to Russia), and cyber warfare tools, but less into say smartphone manufacturing or consumer electronics. Russia historically balanced military and civilian tech, but now military needs are dominating due to the war and sanctions (e.g., Russian R&D funds are flowing into creating domestic chips for weapons because they can’t import – efforts like the Elbrus CPU we mentioned).

Higher Education: On the education front, one positive from sanctions is that these countries emphasize self-reliance in education. Iran’s universities expanded the number of graduate programs so students wouldn’t have to go abroad for advanced degrees (especially in nuclear and aerospace to keep talent in country). Russia similarly has increased state-funded spots in tech fields to cultivate more local talent as foreign companies can’t supply expertise easily. North Korea’s education system, while ideological, strongly focuses on science basics for selected students (Kim Il Sung University’s computer science department, for example, trains the future cyber warriors and tech specialists).

Education and R&D under sanctions become more localized, and collaboration shifts from West to other partners or becomes internal. There is a drive to produce knowledge internally and to not depend on Western knowledge pipelines. However, knowledge is a global enterprise, so complete isolation can hinder cutting-edge research. These countries try to walk the line: isolate enough to be sanctions-proof, but not so much that you fall behind in innovation.

The long-term effects are yet to fully play out: Will Russia’s science output drop without Western collaboration? Possibly in some fields, yes. Will Iran continue to innovate? Likely, as they’ve shown resilience, but they may lag in fields where international cooperation is key (like high-energy physics or advanced medical research). North Korea will probably continue focusing narrowly on areas that leadership prioritizes, ignoring broad scientific development.

Cloud Infrastructure and Computing

Cloud computing (services like Amazon Web Services, Microsoft Azure, Google Cloud) forms the backbone of many modern applications and data storage solutions. U.S. sanctions have barred these providers from serving Iran and North Korea for years, and since 2022 greatly restricted their use in Russia. This section addresses how the sanctioned countries manage their server and cloud needs – through domestic data centers, alternative providers, or open-source cloud platforms.

Amazon/Google/Microsoft Cloud Services: For a long time, Iranian developers could not directly use AWS or Azure due to U.S. sanctions. This meant no hosting Iranian apps on Amazon’s cloud, no using Azure’s machine learning APIs, etc., unless done through proxy accounts. Iranian companies therefore built their own data centers and hosting providers. A company like Afranet or Pars Online in Iran offers local hosting. The state also set up a domestic cloud called “Sorena” for government use, as part of the National Information Network – essentially a cluster of Iranian data centers to keep government and some private data onshore. Some Iranian startups moved services to neutral locations like Malaysia or Turkey to use better infrastructure without a direct U.S. nexus. But performance and reliability suffered compared to world-class AWS data centers.

Russia, prior to 2022, did have access to AWS/Azure, but adoption was not as high as in the West (cloud was ~5% of IT spend in Russia vs 19% in US as of 2020). Many Russian enterprises still ran on-premise or used Russian hosting providers. After 2022, Western cloud companies stopped servicing Russia (Amazon and Microsoft said no new customers and would wind down existing). In March 2022, AWS, Azure, and Google Cloud suspended operations for Russian users. Russian organizations had to migrate quickly. Fortunately, Russia had Yandex Cloud (by the search giant Yandex) and SberCloud (by Sberbank) ready to take clients. There is also Mail.Ru Cloud (VK Cloud) and smaller ones like ActiveCloud. These providers started expanding capacity to absorb demand when foreign clouds exited. By mid-2023, it’s reported that Russian cloud providers managed to handle the load, though they face challenges obtaining new hardware (servers, networking gear) because companies like HPE, Dell stopped sales. They resort to Chinese hardware or grey imports of parts to build their data centers.

An interesting detail: IDC estimated in 2020 that Microsoft had 17% of Russia’s cloud market, AWS 14%, IBM 10%, and Yandex just 3%. So domestic clouds were far behind. But since the Western ones essentially vanished, Yandex and others likely have grown to fill near 100% of the addressable market. The Russian government even considered nationalizing data center assets left behind by foreign firms or using empty capacity from shuttered international companies’ servers for local needs.

Also, as cited in Reuters: Russian organizations could turn to Chinese cloud providers like Alibaba Cloud and Tencent Cloud. Indeed, Alibaba had a joint venture (AliCloud Russia) and a data center presence via a partnership, which might still operate albeit under the radar to avoid secondary sanctions. Huawei opened a cloud data center in Moscow in 2021 for researchers. After sanctions, Chinese firms have been cautious, but given China’s neutrality stance, they haven’t completely pulled out. So Russian companies in need might quietly use a Hong Kong region of Alibaba Cloud, for instance, if billing can be arranged through a third country.

Iran similarly might get help from Chinese cloud: in the 25-year Iran-China agreement, there was mention of collaboration in telecommunications and IT which could include data centers. It’s plausible that Huawei or Alibaba provide some cloud solutions inside Iran (Huawei has provided hardware for Iranian domestic clouds).

Open-Source Cloud and Virtualization: For highly sensitive needs, these countries adopt open-source cloud infrastructure software like OpenStack to create private clouds. OpenStack allows deployment of cloud-style environments on local servers – essentially enabling Iran or Russia to mimic some AWS functionalities internally. For example, Iran’s national cloud likely uses something like OpenStack with Iranian engineers customizing it. That way, they’re not reliant on proprietary U.S. tech.

Content Delivery and Internet Backbone: Cloud also overlaps with content delivery networks (CDNs). Western CDN providers like Cloudflare and Akamai typically don’t serve sanctioned countries (Cloudflare did extend its services to help Iranian citizens access safer communications under special license in 2022). But generally, Iranian and Russian websites had to find alternatives. Russia can use its own CDN providers (like CDNvideo or Yandex’s CDN). Iran similarly uses internal caching servers to ensure local content (like Aparat videos or Digikala images) loads quickly without external CDN. The downside is global content (like if an Iranian wants to load an international website, they might not benefit from a nearby CDN node because many CDNs avoid Iran, so it’s slower).

Data Sovereignty: All three governments insist on data sovereignty – keeping data on domestic servers. Russia since 2015 has had laws requiring personal data of Russians to be stored on Russian soil (that’s why some international companies had to set up local data storage or leave). This proved forward-thinking because when relations soured, at least critical data was already inside Russia’s control. Iran’s National Information Network explicitly is about hosting content inside Iran so that even if international links go down (like they deliberately cut during protests), the domestic sites and services still run. Snapp’s example: when Iran shut off the global internet in Nov 2019, Snapp continued working on the local intranet, having no dependency on outside servers. That was a proof of concept for their internal cloud resilience.

North Korea basically hosts everything internally; they have a handful of servers that connect to the global Internet (their .kp sites like Air Koryo or Naenara state portal are hosted on servers in Pyongyang or sometimes mirroring in friendly countries). They don’t use foreign cloud at all – unnecessary given their isolation.

Emerging Tech: Cloud infrastructure is also needed for AI and big data applications. Russian companies, cut off from Google Cloud’s AI or Azure’s AI tools, have to rely on domestic alternatives (for instance, Sberbank invested in AI research and built supercomputers – in 2021 Sber unveiled one of the most powerful supercomputers in Eastern Europe, built with mostly Nvidia GPUs pre-sanctions). Now, getting new GPUs is difficult because Nvidia/AMD can’t sell to Russia; they turn to secondary markets or Chinese-made AI chips (like those from Huawei’s HiSilicon or alternatives from Chinese startups). Iran too has limitations on importing advanced computing hardware, but they assembled some supercomputers (Iran’s Simorgh supercomputer was reported in 2021, using a cluster of CPUs – not cutting-edge but notable).

In cloud software services, things like Software-as-a-Service (SaaS) replacements are happening. For example, Salesforce left Russia, so Russian CRM companies like Bitrix24 or amoCRM likely took over that market. Iran has its own local SaaS-like solutions for enterprise resource planning or customer management (often custom in-house software or smaller local vendors). So the enterprise cloud software that Western firms offer is being substituted by local vendors – an acceleration of a trend toward digital autarky in enterprise IT.

Conclusion on Cloud: The cloud landscape under sanctions is basically a forced localization. Domestic cloud providers expand, government clouds ensure critical operations, and any reliance on U.S. companies is excised. A downside is efficiency and innovation: AWS and Azure are leaders for a reason, often cheaper or more advanced than local clouds. Sanctioned businesses may have to pay more or get less performance from local clouds, which can hamper their competitiveness. Moreover, as hardware becomes harder to import, scaling those clouds is a challenge. Reports have suggested Russia might face a server shortage for its data centers by late 2023 because they can’t easily get enough new equipment. They might resort to cannibalizing older equipment or obtaining Chinese substitutes that might be less powerful.

In Iran, the constraints on bandwidth and hardware mean their cloud offerings may lag global reliability. Users notice, for instance, that domestic services slow down when everyone is forced onto them (like during an internet shutdown, local apps get overloaded). Investment continues though – Iranian tech firms are encouraged via incentives to use domestic hosting (sometimes even subsidized energy costs).

All considered, cloud infrastructure is a microcosm of the broader theme: sanctioned countries constructing parallel systems – here, parallel internet infrastructure – to avoid being crippled by U.S. tech denial. The success varies: Russia had more resources to build near equivalents (especially with some Chinese help), Iran manages with a combination of clever workarounds and some Chinese/Russian aid, and North Korea operates a tiny closed network completely separate from the global cloud.

Shifts in Global Tech Independence

The experiences of Iran, North Korea, and Russia demonstrate both the ingenuity and the limitations of operating under a regime of heavy technological sanctions. On one hand, these countries have shown remarkable adaptability: their governments rapidly fostered domestic replacements for critical software and platforms, and their citizens embraced workarounds like VPNs, piracy, and black markets to maintain a semblance of normal digital life. In domains from communication to e-commerce to fintech, the sanctioned states built homegrown ecosystems that parallel the Western tech world:

  • Iran’s tech scene produced analogues for many everyday apps – messaging, ride-hailing, shopping, streaming – enabling its 80+ million people to stay connected and serviced despite isolation. Iran’s strategy combines encouraging local entrepreneurs (as seen with super-app Snapp or marketplace Digikala) and tightly controlling foreign content (through filtering and the National Information Network) so that local options thrive.
  • Russia leveraged its relatively large economy and talent pool to accelerate an existing trend of digital sovereignty. After 2022, this went into overdrive: Western tech was replaced almost overnight by Russian equivalents or Chinese partnerships, from social networks (VK) to payment systems (Mir). The government’s years of preparation (import substitution policies, nurturing of Yandex, Kaspersky, etc.) paid off in allowing a faster transition, though not without friction (e.g., 80% of Russian PC users still clung to Windows as of 2023, highlighting the inertia in some areas). The Kremlin’s push for self-reliance has made Russia more digitally independent than it was, but at the cost of cutting off its tech sector from global collaboration and investment, which may hamper innovation long-term.
  • North Korea remains an extreme case – essentially autarky in tech. Its approach demonstrates that a country can indeed run a “sovereign” IT infrastructure (Red Star OS, Kwangmyong network) but at the price of technological stagnation for the general populace. North Korea’s successes are mostly in the military cyber realm (hacking and weapons development), not in raising general digital living standards. It relies on clandestine channels to obtain advanced know-how for its elite projects, while the average citizen’s tech experience is limited to pre-approved, closely monitored tools. This insular model achieves security and regime control, but it also shows the depth of deprivation sanctions can cause – essentially leaving an entire population decades behind in IT access.

Across all three countries, one theme is the increased dependence on non-Western allies: chiefly China, but also others like regional partners. Whether it’s buying Chinese smartphones, using Chinese UnionPay for banking, or partnering with Chinese universities for research, these sanctioned states have gravitated to a China-centered tech orbit. This has strategic implications: it could lead to a more bifurcated (or multifurcated) global tech landscape, where a “Western bloc” of technology and an “Eastern bloc” (with Chinese and local innovations) operate semi-separately, each serving their sphere of influence. We see early evidence of this in Russia’s deepening digital links with BRICS countries and Iran’s integration with Chinese infrastructure projects.

Neutral, analytical tone recap: It’s important to acknowledge that the sanctioned countries’ tech adaptations are born from necessity and carry a mix of effectiveness and inefficiency. They are not technological paradises – in many respects, users in these nations face higher costs, fewer choices, and sometimes lower quality compared to an unsanctioned environment. For instance, a Russian gamer can no longer easily buy the latest PlayStation or PC game from global platforms – they must hope for a local distributor or resort to piracy. An Iranian graphic designer can’t access Adobe’s cloud features – they make do with an old Photoshop crack and lose out on cloud collaboration tools. These are tangible setbacks. Moreover, some stopgap solutions raise cybersecurity and privacy concerns: Iranians worry that domestic apps like Soroush might spy on them for the government; Russians know that using VPNs or pirated software can open them to malware if they’re not careful.

At the same time, it’s notable how these pressures have spurred local innovation and entrepreneurship. The rise of companies like Snapp, Digikala, VKontakte, Yandex, Kaspersky – each arguably strengthened by the partial vacuum left by Western competitors – has created tech sectors that provide jobs and expertise internally. In Iran’s case, a whole generation of developers cut their teeth building Iranian analogues to Western apps, arguably boosting Iran’s software development skill base. In Russia, the removal of Western cloud and enterprise providers is forcing companies to invest in domestic IT solutions, potentially enriching local IT integrators and consultants.

Looking ahead, the trajectory will likely depend on the duration and extent of sanctions and on how geopolitics evolve. If sanctions persist long term or even tighten, we can expect further entrenchment of these parallel tech ecosystems. Iran will push its “Resilient Economy” agenda further – perhaps even developing its own chips or mobile operating system to reduce the last points of dependency. Russia might double down on efforts to make Elbrus CPUs and Aurora OS viable, striving for full-stack independence from hardware up to software (though achieving parity with Western tech might be elusive). North Korea will continue leveraging cyber offense as a means to compensate for its inability to import technology, effectively “stealing what it can’t buy.”

Conversely, any easing of sanctions or diplomatic breakthroughs could rapidly change the picture. We saw a hint of that in Iran between 2015-2018 when the nuclear deal temporarily opened doors: Western tech firms showed interest (e.g., Apple briefly allowed Iranian app listings, European e-commerce invested in Bamilo). If such a scenario occurred again, one might see a quick influx of foreign tech and capital into these markets, which would challenge the local players. However, having local alternatives in place means these societies are no longer blank slates – e.g., if sanctions on Iran were lifted, Amazon or Uber would face stiff competition from the entrenched Digikala and Snapp. In Russia’s case, even if relations normalized, it’s hard to imagine Facebook or Instagram simply regaining their old user base, given that VK and Telegram have cemented their roles.

Neutral assessment: In a non-judgmental sense, these countries have proven that it is possible – albeit difficult – to withstand a cutoff from U.S. technology by relying on a combination of internal development, open-source utilization, and alliance-building. They illustrate a spectrum: from North Korea’s near-total self-reliance (with minimal modernization) to Russia’s technologically advanced but increasingly insulated network, with Iran somewhere in the middle – technologically semi-advanced and semi-integrated globally (Chinese and Russian ties balancing Western exclusion).

For the global community, this raises questions about the long-term efficacy of tech sanctions. Sanctions undeniably create hardships and slow development in targeted states, yet they also create incentives for those states to innovate independently and potentially decrease Western leverage over time. As Russia’s Justin Sherman put it in the Atlantic Council report, Russia now has “even fewer incentives (and less room) to stop pursuing an isolationist, securitized approach to digital technology” due to sanctions and other factors. In other words, the more these countries adapt, the less influence Western tech companies (and by extension Western governments) will have over them in the future.

Finally, in an analytical but human-centric view, one should note the resilience of ordinary people living under such sanctions. From Iranian youth using VPNs to join global conversations on Twitter, to Russian programmers contributing to open-source projects despite cutoffs, to North Korean defectors smuggling educational content on USB drives – individuals continually seek connection and improvement. Technology, even in restricted form, finds a way to transcend some barriers. The story of sanctioned countries’ tech ecosystems is ultimately a story of people striving to stay connected to the world, either by recreating that world locally or finding cracks in the digital wall. In doing so, they ensure that innovation is not the exclusive domain of the sanctioning powers, but a shared endeavor where necessity becomes the mother of invention.

Sources: The analysis above draws on a range of reports and data, including Business Insider comparisons of Iranian vs Western apps, Reuters investigations into Russia’s post-sanctions tech landscape, expert studies on Russia’s digital isolation by Atlantic Council, and firsthand accounts of North Korea’s tech usage by Quartz and others. These sources collectively illustrate the multifaceted approach of sanctioned states in keeping their digital societies functional and evolving under an umbrella of restrictions.

Scroll to Top