First Shots Of A New Cyber War

Iran and Saudi Arabia are throwing punches in a virtual war.

After a cyber-attack on an Iranian official website, allegedly launched by a Saudi hacking team, Iranian cyber activists hacked a couple of Saudi websites in response. The move was followed by counter-attacks, which is now raising the question whether the two countries are involved in an outright cyber-war.

According to a report by Al Monitor, numerous Iranian media outlets announced on May 25 that the website of The Statistical Centre of Iran was hacked and temporarily put out of use.

Later on, the portals of Iranian Organization for Registration of Deeds & Properties, the Post Company, and Ahvaz University of Shahid Chamran were also reportedly hacked by unknown groups of hackers. The hackers’ signatures on these websites were “Mafia Hacking Team” and “Da3s Hacker”, TechRasa reported.

News agencies wrote that the hackers were “outside of Iran” but little else was known about them. On May 28, Mizan quoted Iranian Communications Minister Mahmoud Vaezi as saying that the IP of hackers who infiltrated Iran’s government websites was in Europe.

However, many websites speculated that either ISIS or Saudi Arabia had conducted the attack. The low-level attack was followed by two attacks, on Saudi Arabian statistical websites and the portal of King Abdulaziz University on May 26. Tasnim quoted a statement by the Iranian hackers as published on the hacked websites, “Iranian Hackers were here. Hacked by Shahin Sh. Iran Security Team.”

In an article headlined “The Announcement of a Cyber-War by Saudi Arabia against Iran?” Tabnak wrote, “While many websites assumed this website was hacked by [ISIS] … it appears it was a Saudi hacker group.”

Al Monitor quoted Tabnak as rejecting the idea of ISIS involvement because the hackers referred to themselves as “Da3s,” as in “Daesh,” an acronym the terrorist group does not use for itself. A Twitter account associated with Da3s hackers followed a few well-known Saudi accounts, and Tabnak concluded that a Saudi group had conducted the attack with government backing.

The DA3S, which has officially claimed responsibility for the cyber-attacks, wrote on the main page of the hacked websites that it is not linked with the ISIS terrorists group, aka Daesh, and is only “one Sunni Muslim”, Trend quoted Iranian media as saying.

As DA3S sounds like Daesh, it could be mixed up with the Arabic name of the ISIS terrorist group. In any case, the screenshots provided of the hacked website appear to show that the hackers either wanted Iran to know that they were Saudi or that they intended to make it appear that they were.

An article in Iran newspaper, perhaps in an attempt to downplay the speculation and tensions, reported that a source in the Statistical Centre of Iran denied that its website was hacked at all. The official called the problems with the site “a natural issue with no relation to [ISIS] or other individuals.” The official added, “We should not open this small issue wide enough to create rumors across the country.” The official also urged Iranians to not fan the flames of conjecture.

Iran’s Supreme Council of Cyberspace also announced that there was no threat to citizens’ information on the government website. The Council announced that the hackers used fake names for propaganda. The Secretary of the Council stated that these hacks were no surprise, happening everywhere around the world, as even the SWIFT network was attacked recently.

“As the result of the recent hacking of government websites, we can assure you that there are no problems whatsoever regarding citizens’ information,” stated Abolhassan Firouzabadi, Secretary of the Supreme Council of Cyberspace.

Tasnim reported on May 26 that two Saudi statistical websites had been hacked just one day after Iran’s statistics centre was hacked. According to the article, no one had taken responsibility for the hacking, but some social media users speculated that the attacks on the Saudi statistical websites were in revenge for the hacking of Iranian statistical websites.

In a special May 25 report headlined “Saudi Arabia’s Cyber-War against Iran, What Is Iran’s Cyber Army’s Response?” Tasnim wrote that the hacker group Da3s also put an image of former Iraqi President Saddam Hussein on Iran’s statistical website, concluding that the hackers therefore were likely linked to Ba’athists or Takfiri extremist groups.

Tasnim reported that General Gholam-Reza Jalali, who heads Iran’s Civil Defence Organization [a military unit in charge of combating sabotage], had warned that Saudi Arabia intended to conduct cyber-attacks against Iran, though few paid attention to his warnings. Jalali said cyber-attacks would be the prime threat to Iran’s security this year.

Tasnim wrote that the attack on Iran’s statistical centre could be considered the “first bullet in the beginning of a cyber-war.” 

Iran has previously been the victim of cyber-attacks. The United States was behind an attack on Iran’s nuclear facility in Natanz, using a computer worm called Stuxnet, unique in its ability to cause damage.

Iran to Hold Cyber War Games

Speaking to Tasnim, Brigadier General Jalali pointed to cyber threats against Iran, saying that many hostile countries have established cyber armies, and the Islamic Republic is one of their possible targets.

“Holding specialized cyber war games is one of the priorities (of the Civil Defence Organization) this year,” the official said, adding that the exercises are aimed at monitoring and eliminating any problems and weaknesses in the country’s cyber defence network.

The remarks came after reports recently that the Statistics Centre of Iran had been subjected to a cyber-attack by online “hackers”

While some news reports say members of Daesh (ISIL or ISIS) were behind the cyber-attack, others say that a group supported by the Saudi government carried out the attack. Brigadier General Jalali had previously warned that Saudi Arabia was planning a large-scale cyber-attack against Iran.

Ein News:  and  Ein News 2: