Do Not Underestimate Iran’s Cyber Threat

Uploaded on 2020-06-03 in INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW, TECHNOLOGY--Hackers

Iran is a cyber superpower and has been focusing its cyber effort over recent years to strengthen its position and with help from  a few other states and form hundreds of volunteer hackers it is making considerable progress, based on the proposition that future conflicts will require advanced cyber capabilities. 

The effort to assert regional dominance via the developmnet of nuclear weapons has benn stifled by a mixture of sabotage and international sanctions  prevented these goals from materialising. 

The regime has been developing its own cyber security software and Internet architecture in order to protect and insulate its networks, and it has been developing technological cyber expertise as a form of asymmetric warfare against superior conventional military forces in Israel. 

The first steps came following the 2009 civil unrest in Iran, after which it was decided to set up a police cyber department. Its official role, like in most countries, was to act against crimes and fraud taking place online, but in truth their hackers actually focused on collecting information from Internet providers on those suspected to be opposed to the regime. The budget of the cyber department was estimated at around $80 million a year around a decade ago, but has likely multiplied several times since. 

The experts that belong to the police cyber department are also thought to be the ones responsible for Iran's attacks against Israel, the US and Saudi Arabia over recent years. These attacks usually took place under different aliases in order to cover up the direct connection to the Ianian authorities. 

  • One example of this is the so-called Mabna Institute, charged by the US in 2018 with conducting a massive cyber theft campaign on behalf of the Islamic Revolutionary Guard, penetrating systems belonging to hundreds of universities, companies and other victims to steal research, academic and proprietary data, and intellectual property.
  • The Basij, a paramilitary volunteer militia that answers to the Iranian Revolutionary Guard  focuses on activity within Iran, including removing websites and content published by ant-regime activists. 
  • The National Passive Defense Organisation role is to minimise the damage the country's infrastructure would suffer in case of a war or a massive attack on Iran. 
  • Iranian experts have also been training a new generation of hackers in recent years belonging to organisations like Hamas, Hezbollah and militias loyal to the Assad regime in Syria.

In 2010 a computer worm known as Stuxnet was discovered by cyber security researchers to have infiltrated the computers that controlled nuclear centrifuges in Iran, causing physical damage and preventing operation. The Stuxnet worm was reported to have been a joint effort between the governments of the United States and Israel. Following the discovery of the Stuxnet malware, US assets experienced an increase in the severity and duration of cyber-attacks originating in Iran. 

To date Iran are using the cyber-attacks largely in response to American actions rather than initiating them and that was the case following the killing of Qasem Soleimani, commander of the Revolutionary Guards' Quds Force, after which it was reported that attempts to infiltrate computer systems of US power plants were prevented.

The US Cybersecurity and Infrastructure Security Agency (CISA) has also warned that Iran has continuously improved its offensive cyber capabilities, going beyond DDoS and website defacement and that its hackers have demonstrated a willingness to go further with wiper malware and cyber-enabled physical attacks.

f-secure:       CTech:         US Congress:          ZDNet: 

You Might Also Read:  

Iran In The Firing Line:

 

« German Critical Infrastructure At Risk Of Russian Hacking
Customer Compensation Claim Follows The EasyJet Hack »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Dionach

Dionach

Dionach are a certified information security specialists who provide Penetration Testing, IT Security Auditing and Information Security Consultancy.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

Fluency Security

Fluency Security

Fluency is the only Security Analytics & Orchestration (SAO) solution that automates correlation, detection, validation and ongoing tracking.

Netresec

Netresec

Netresec is an independent software vendor with focus on the network security field. We specialize in software for network forensics and analysis of network traffic.

NovaTech Automation

NovaTech Automation

NovaTech products and services make the world’s power grids and essential process industries more reliable, efficient, sustainable and secure.

Governikus

Governikus

Governikus provides solutions for secure data transport, authentication, the use of electronic signatures and cryptography as well as for long-term storage.

LMG Security

LMG Security

LMG Security is a cybersecurity consulting, research and training firm.

A-LIGN

A-LIGN

A-LIGN is a technology-enabled security and compliance partner trusted by more than 2,500 global organizations to mitigate cybersecurity risks.

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance (MCSA)

Midwest Cyber Security Alliance is a nonprofit, nonpartisan collaboration of individuals, businesses, government entities, and professionals advocating for more effective cyber security solutions.

Kobalt.io

Kobalt.io

Kobalt are bringing the monitoring capabilities of enterprise-class security teams to smaller organizations.

Prophaze Technologies

Prophaze Technologies

Prophaze enable organizations and SaaS providers to improve their web application cybersecurity and reduce costs through AI automation.

MiC Talent Solutions

MiC Talent Solutions

MiC Talent Solutions provides recruiting, direct hire, augmented staff, and professional service contracting solutions for organizations searching for minority cybersecurity talent.

Ethnos Cyber

Ethnos Cyber

Ethnos Cyber is Africa’s leading cybersecurity and compliance management company. We provide Information Security, Risk Management, Cybersecurity and Compliance Management solutions to clients.

tmc3

tmc3

tmc3 is an award-winning, people-centric consultancy that is transforming cyber security from an overhead into an organisational enabler.

Black Cipher Security

Black Cipher Security

Black Cipher is a New Jersey-based cybersecurity and incident response consulting firm.

Cure53

Cure53

Cure53 offers classic black-box penetration tests (zero-knowledge) as well as white-box tests and code audits.