Do Not Underestimate Iran’s Cyber Threat

Iran is a cyber superpower and has been focusing its cyber effort over recent years to strengthen its position and with help from  a few other states and form hundreds of volunteer hackers it is making considerable progress, based on the proposition that future conflicts will require advanced cyber capabilities. 

The effort to assert regional dominance via the developmnet of nuclear weapons has benn stifled by a mixture of sabotage and international sanctions  prevented these goals from materialising. 

The regime has been developing its own cyber security software and Internet architecture in order to protect and insulate its networks, and it has been developing technological cyber expertise as a form of asymmetric warfare against superior conventional military forces in Israel. 

The first steps came following the 2009 civil unrest in Iran, after which it was decided to set up a police cyber department. Its official role, like in most countries, was to act against crimes and fraud taking place online, but in truth their hackers actually focused on collecting information from Internet providers on those suspected to be opposed to the regime. The budget of the cyber department was estimated at around $80 million a year around a decade ago, but has likely multiplied several times since. 

The experts that belong to the police cyber department are also thought to be the ones responsible for Iran's attacks against Israel, the US and Saudi Arabia over recent years. These attacks usually took place under different aliases in order to cover up the direct connection to the Ianian authorities. 

  • One example of this is the so-called Mabna Institute, charged by the US in 2018 with conducting a massive cyber theft campaign on behalf of the Islamic Revolutionary Guard, penetrating systems belonging to hundreds of universities, companies and other victims to steal research, academic and proprietary data, and intellectual property.
  • The Basij, a paramilitary volunteer militia that answers to the Iranian Revolutionary Guard  focuses on activity within Iran, including removing websites and content published by ant-regime activists. 
  • The National Passive Defense Organisation role is to minimise the damage the country's infrastructure would suffer in case of a war or a massive attack on Iran. 
  • Iranian experts have also been training a new generation of hackers in recent years belonging to organisations like Hamas, Hezbollah and militias loyal to the Assad regime in Syria.

In 2010 a computer worm known as Stuxnet was discovered by cyber security researchers to have infiltrated the computers that controlled nuclear centrifuges in Iran, causing physical damage and preventing operation. The Stuxnet worm was reported to have been a joint effort between the governments of the United States and Israel. Following the discovery of the Stuxnet malware, US assets experienced an increase in the severity and duration of cyber-attacks originating in Iran. 

To date Iran are using the cyber-attacks largely in response to American actions rather than initiating them and that was the case following the killing of Qasem Soleimani, commander of the Revolutionary Guards' Quds Force, after which it was reported that attempts to infiltrate computer systems of US power plants were prevented.

The US Cybersecurity and Infrastructure Security Agency (CISA) has also warned that Iran has continuously improved its offensive cyber capabilities, going beyond DDoS and website defacement and that its hackers have demonstrated a willingness to go further with wiper malware and cyber-enabled physical attacks.

f-secure:       CTech:         US Congress:          ZDNet: 

You Might Also Read:  

Iran In The Firing Line:

 

« German Critical Infrastructure At Risk Of Russian Hacking
Customer Compensation Claim Follows The EasyJet Hack »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Allianz

Allianz

Allianz Cyber Protect is a comprehensive cyber insurance provided internationally and tailored to your company´s risk profile.

SOTI

SOTI

SOTI is an industry leader in Enterprise Mobility Management (EMM).

UpGuard

UpGuard

UpGuard's discovery engine brings visibility to complex IT environments, enabling teams to identify risk, confirm compliance and make business safer.

AirCUVE

AirCUVE

AirCUVE provide authentication and access control solutions for networks and mobile security.

Disklabs

Disklabs

Disklabs are industry leaders in data recovery, digital forensics and data erasure.

Cimcor

Cimcor

Cimcor’s flagship software product, CimTrak, helps organizations to monitor and protect a wide range of physical, network and virtual IT assets in real-time.

Zettaset

Zettaset

Zettaset’s XCrypt Data Encryption Platform delivers proven protection for Object, Relational/SQL, NoSQL, and Hadoop data stores…in the cloud and on-premises.

Secura B.V.

Secura B.V.

Secura is an independent specialized cybersecurity expert, providing insights to protect valuable assets and data.

Inveteck Global

Inveteck Global

Inveteck Global is a Ghana-based cyber security firm providing strategic guidance and technical solutions to all our clients to best serve their individual needs.

Gridware

Gridware

Gridware is a specialised cybersecurity consultancy firm and an emerging global player in the cybersecurity intelligence and advisory field.

Pathway Communications

Pathway Communications

Established in 1995, Pathway Communications – is part of the Pathway Group of Companies, a Canadian IT Managed Services organization.

VinCSS

VinCSS

VinCSS Internet Security Services JSC is a leading organization working in the field of researching, developing, producing products as well as providing cyber security services.

Threat Con

Threat Con

Threat Con is a one of its kind event in Nepal, a series of annual international security conventions similar to the famous Black Hat and DEF CON conferences.

Myntex

Myntex

Myntex® builds the future of mobile security. We empower our partners to deliver exclusive mobile endpoint security software, fortifying against mobile threats, device exploits and data exfiltration.

Afripol

Afripol

AFRIPOL was set up to strengthen cooperation between the police agencies of AU member states in the prevention and fight against organized transnational crime, terrorism, and cybercrime.

Secure Blink

Secure Blink

Secure Blink provides automated application and API security solutions that empower developers and security engineers to protect critical assets from exploitation.