Iran’s Cyber Capabilities

Uploaded on 2018-01-15 in INTELLIGENCE-Hot Spots-Iran, GOVERNMENT-National, FREE TO VIEW, NEWS-Cybersecurity News, TECHNOLOGY--Hackers

The recent protests in Iran and the regime’s attempts to block them shed light also on Tehran’s cyber capabilities. 
Offensive cyber operations have become a core tool of Iranian statecraft, providing Tehran less risky opportunities to gather information and retaliate against perceived enemies at home and abroad.

Cyber Incidents involving Iran have been among the most sophisticated, costly, and consequential attacksTehran has been among the leading targets of uniquely invasive and destructive cyber operations by the United States and its allies. 

At the same time, Tehran has become increasingly adept at conducting cyber espionage and disruptive attacks against opponents at home and abroad, ranging from Iranian civil society organizations to governmental and commercial institutions in Israel, Saudi Arabia, and the United States.

A new report by The Carnegie Endowment evaluates Iran’s Cyber threat environment. Just as Iran uses proxies to project its regional power, Tehran often masks its cyber operations using proxies to maintain plausible deniability. 

Yet such operations can frequently be linked to the country’s security apparatus, namely the Ministry of Intelligence and Islamic Revolutionary Guard Corps.

Iran’s cyber capabilities appear to be indigenously developed, arising from local universities and hacking communities. This ecosystem is unique, involving diverse state-aligned operators with differing capabilities and affiliations. Though Iran is generally perceived as a third-tier cyber power, lacking the capabilities of China, Russia, and the United States, it has effectively exploited the lack of preparedness of targets inside and outside Iran. 

The same Iranian actors responsible for espionage against the private sector also conduct surveillance of human rights defenders. These attacks on Iranian civil society often foreshadow the tactics and tools that will be employed against other targets and better describe the risks posed by Iranian cyber-warfare.

While Iran does not have a public strategic policy with respect to cyberspace, its history demonstrates a rationale for when and why it will engage in attacks. 

Iran uses its capabilities in response to domestic and international events. As conflict between Tehran and Washington subsided after the 2015 nuclear deal, so too did the cycle of disruptive attacks. However, Iran’s decision making process is obscured and its cyber capabilities are not controlled by the presidency, as evident in cases of intragovernmental hacking.
The report claims that the United States is reliant on an inadequately guarded cyberspace and should anticipate that future conflicts, online or offline, could trigger cyber-attacks on US infrastructure.

The first priority should be to extend efforts to protect infrastructure and the public, including increased collaboration with regional partners and nongovernmental organisations targeted by Iran.

I-HLS

You Might Also Read: 

Iran’s Cyberwar Could Infiltrate Your Mailbox:

Iran Responsible  For Cyber Attack On British Parliament:

Iran Turns Off The Internet:

Iran Cyber Attacks on Saudi Arabia:
 

« Iran’s Cyberwar Could Infiltrate Your Mailbox
2018 Predictions: Full-Scale Cyber War »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Nmap Project

Nmap Project

Nmap Project is a Free and open source tool for network discovery, administration, and security auditing.

Kaspersky Lab

Kaspersky Lab

Kaspersky Lab is one of the world’s largest privately held vendors of endpoint cybersecurity solutions.

HID Global

HID Global

HID Global is a trusted leader in products, services and solutions related to the creation, management, and use of secure identities.

Center for Identity - University of Texas at Austin

Center for Identity - University of Texas at Austin

The mission of the Center is to deliver the highest-quality discoveries, applications, education, and outreach for excellence in identity management, privacy, and security.

Wayra UK

Wayra UK

Wayra UK, part of Telefónica Open Future, has been chosen to run a new cyber accelerator facility to help UK start-ups grow and take the lead in producing the next generation of cyber security systems

SMiD Cloud

SMiD Cloud

SMiD encryption technology has been developed following the highest security practices to allow the data availability, integrity and confidentiality.

Fingerprint Cards

Fingerprint Cards

Fingerprint Cards develops and produces biometric components and technologies that verify a person’s identity through the analysis and matching of an individual’s unique fingerprint.

Cyber Security Audit Corp (C3SA)

Cyber Security Audit Corp (C3SA)

C3SA specializes in architecting, operating, managing and improving defensible and resilient IT infrastructures for Canada's public and private sectors.

Excelerate Systems

Excelerate Systems

Excelerate Systems is a leading provider of IT services with a focus on Big Data, Cloud Services and Security.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

Green House Data

Green House Data

Green House Data is a managed services provider delivering hybrid solutions to enterprises who need secure IT environments and efficient management of their critical applications and business data.

VirtualArmour

VirtualArmour

VirtualArmour is a managed security services provider with global reach and local attitude.

Quantum Security Solutions (QSec)

Quantum Security Solutions (QSec)

QSec is an innovative information security consultancy based in Ghana. We can provide your organisation with information security products and services that assure against information risk.

Cygna Labs

Cygna Labs

Cygna Labs is a software developer and one of the top three global DDI (DNS, DHCP, and IP address management) vendors.

Evolver

Evolver

Evolver delivers technology services and solutions that improve security, promote innovation, and maximize operational efficiency in support of government and commercial customers.

DeltaSpike

DeltaSpike

DeltaSpike empowers individuals and organizations worldwide through its comprehensive cybersecurity solutions.