Do Not Underestimate Iran’s Cyber Threat

Iran is a cyber superpower and has been focusing its cyber effort over recent years on strengthening its position. With help from a few other states and from hundreds of volunteer hackers, it is making considerable progress, based on the proposition that future conflicts will require advanced cyber capabilities.

The effort to assert regional dominance via the development of nuclear weapons has been stifled by a mixture of sabotage and international sanctions, which have prevented these goals from materialising.

The regime has been developing its own cyber security software and Internet architecture in order to protect and insulate its networks, and it has been developing technological cyber expertise as a form of asymmetric warfare against superior conventional military forces in Israel. 

The first steps came following the 2009 civil unrest in Iran, after which it was decided to set up a police cyber department. Its official role, as in most countries, was to act against crimes and fraud taking place online, but in truth its hackers focused on collecting information from Internet providers on those suspected of opposing the regime. The budget of the cyber department was estimated at around $80 million a year around a decade ago, but has likely multiplied several times since.

The experts who belong to the police cyber department are also thought to be the ones responsible for Iran's attacks against Israel, the US and Saudi Arabia over recent years. These attacks usually took place under different aliases in order to cover up the direct connection to the Iranian authorities.

  • One example of this is the so-called Mabna Institute, charged by the US in 2018 with conducting a massive cyber theft campaign on behalf of the Islamic Revolutionary Guard, penetrating systems belonging to hundreds of universities, companies and other victims to steal research, academic and proprietary data, and intellectual property.
  • The Basij, a paramilitary volunteer militia that answers to the Iranian Revolutionary Guard, focuses on activity within Iran, including removing websites and content published by anti-regime activists.
  • The National Passive Defense Organisation's role is to minimise the damage the country's infrastructure would suffer in case of a war or a massive attack on Iran.
  • Iranian experts have also been training a new generation of hackers in recent years belonging to organisations like Hamas, Hezbollah and militias loyal to the Assad regime in Syria.

In 2010 a computer worm known as Stuxnet was discovered by cyber security researchers to have infiltrated the computers that controlled nuclear centrifuges in Iran, causing physical damage and preventing operation. The Stuxnet worm was reported to have been a joint effort between the governments of the United States and Israel. Following the discovery of the Stuxnet malware, US assets experienced an increase in the severity and duration of cyber-attacks originating in Iran. 

To date, Iran has been using cyber-attacks largely in response to American actions rather than initiating them. That was the case following the killing of Qasem Soleimani, commander of the Revolutionary Guards' Quds Force, after which it was reported that attempts to infiltrate computer systems of US power plants were prevented.

The US Cybersecurity and Infrastructure Security Agency (CISA) has also warned that Iran has continuously improved its offensive cyber capabilities, going beyond DDoS and website defacement, and that its hackers have demonstrated a willingness to go further with wiper malware and cyber-enabled physical attacks.

Sources: F-Secure, CTech, US Congress, ZDNet
