Do Not Underestimate Iran’s Cyber Threat

Iran is a cyber superpower and has been focusing its cyber effort over recent years to strengthen its position and with help from  a few other states and form hundreds of volunteer hackers it is making considerable progress, based on the proposition that future conflicts will require advanced cyber capabilities. 

The effort to assert regional dominance via the developmnet of nuclear weapons has benn stifled by a mixture of sabotage and international sanctions  prevented these goals from materialising. 

The regime has been developing its own cyber security software and Internet architecture in order to protect and insulate its networks, and it has been developing technological cyber expertise as a form of asymmetric warfare against superior conventional military forces in Israel. 

The first steps came following the 2009 civil unrest in Iran, after which it was decided to set up a police cyber department. Its official role, like in most countries, was to act against crimes and fraud taking place online, but in truth their hackers actually focused on collecting information from Internet providers on those suspected to be opposed to the regime. The budget of the cyber department was estimated at around $80 million a year around a decade ago, but has likely multiplied several times since. 

The experts that belong to the police cyber department are also thought to be the ones responsible for Iran's attacks against Israel, the US and Saudi Arabia over recent years. These attacks usually took place under different aliases in order to cover up the direct connection to the Ianian authorities. 

  • One example of this is the so-called Mabna Institute, charged by the US in 2018 with conducting a massive cyber theft campaign on behalf of the Islamic Revolutionary Guard, penetrating systems belonging to hundreds of universities, companies and other victims to steal research, academic and proprietary data, and intellectual property.
  • The Basij, a paramilitary volunteer militia that answers to the Iranian Revolutionary Guard  focuses on activity within Iran, including removing websites and content published by ant-regime activists. 
  • The National Passive Defense Organisation role is to minimise the damage the country's infrastructure would suffer in case of a war or a massive attack on Iran. 
  • Iranian experts have also been training a new generation of hackers in recent years belonging to organisations like Hamas, Hezbollah and militias loyal to the Assad regime in Syria.

In 2010 a computer worm known as Stuxnet was discovered by cyber security researchers to have infiltrated the computers that controlled nuclear centrifuges in Iran, causing physical damage and preventing operation. The Stuxnet worm was reported to have been a joint effort between the governments of the United States and Israel. Following the discovery of the Stuxnet malware, US assets experienced an increase in the severity and duration of cyber-attacks originating in Iran. 

To date Iran are using the cyber-attacks largely in response to American actions rather than initiating them and that was the case following the killing of Qasem Soleimani, commander of the Revolutionary Guards' Quds Force, after which it was reported that attempts to infiltrate computer systems of US power plants were prevented.

The US Cybersecurity and Infrastructure Security Agency (CISA) has also warned that Iran has continuously improved its offensive cyber capabilities, going beyond DDoS and website defacement and that its hackers have demonstrated a willingness to go further with wiper malware and cyber-enabled physical attacks.

f-secure:       CTech:         US Congress:          ZDNet: 

You Might Also Read:  

Iran In The Firing Line:

 

« German Critical Infrastructure At Risk Of Russian Hacking
Customer Compensation Claim Follows The EasyJet Hack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Serena

Serena

Serena Software helps increase speed of the software development lifecycle while enhancing security, compliance, and performance.

We Watch Your Website

We Watch Your Website

We Watch Your Website provide website monitoring, protection, malware removal and root cause analysis services to help you keep your website secure.

Seric Systems

Seric Systems

Seric is a technology business specialising in security, infrastructure and data management.

SIGA

SIGA

SIGA provides cyber security solutions for Industrial Control Systems SCADA systems used in critical infrastructures and industrial processes.

HCL Technologies

HCL Technologies

HCL offer an integrated portfolio of products, solutions and services built around Digital, IoT, Cloud, Automation, Cybersecurity, Analytics, Infrastructure Management and Engineering Services.

Totaljobs

Totaljobs

Totaljobs is the UK’s largest hiring platform. We have over 280,000 live jobs adverts on our site, helping you to find any type of job in any industry, including cybersecurity.

Maven Technologies

Maven Technologies

Maven Technologies specialize in secure data destruction, electronics recycling, asset management, and highly detailed reporting.

Nameshield Group

Nameshield Group

Nameshield is one of most experienced domain name registrars, trademark protection specialists and managers of online reputational risk in the world today.

ISA Global Cybersecurity Alliance (ISAGCA)

ISA Global Cybersecurity Alliance (ISAGCA)

Objectives of the ISA Global Cybersecurity Alliance include the acceleration and expansion of standards, certification, education programs, advocacy efforts, and thought leadership.

ERI

ERI

ERI is the largest fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company in the United States.

Hyperwise Ventures

Hyperwise Ventures

Hyperwise Ventures lead seed investments in startups in the cyber security and enterprise software spaces.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

Entara

Entara

Entara (formerly YJT Solutions) is an eXtended Service Provider (XSP) focused on providing cutting edge technology and cyber security solutions to companies in regulated industries.

Radiance Technologies

Radiance Technologies

Radiance solutions provide technological advantage and operational superiority for our nation in the areas of intelligence, cyber and advanced weapon systems.

Certcube Labs

Certcube Labs

Certcube Labs provide a broad range of services in the areas of Assessments, Development, Risk Advisory, Blockchain, Forensics Investigations, Managed Security Solutions, and IT Security Trainings.

Kolide

Kolide

Kolide ensures that if a device isn't secure, it can't access your apps.