Cyberwarfare is a part of Iran's "soft war" military strategy. Being both a victim and wager of cyberwarfare, [1] Iran is considered an emerging military power in the field. [2]
Since November 2010, an organization called "The Cyber Defense Command" (Persian: قرارگاه دفاع سایبری; Gharargah-e Defa-e Saiberi) has been operating in Iran under the supervision of the country's "Passive Civil Defense Organization" (Persian: سازمان پدافند غیرعامل; Sazeman-e Padafand-e Gheyr-e Amel), which is itself a subdivision of the Joint Staff of Iranian Armed Forces. [3]
According to a 2014 report by the Institute for National Security Studies, Iran is "one of the most active players in the international cyber arena". [4] In 2013, a Revolutionary Guards general stated that Iran has "the 4th biggest cyber power among the world's cyber armies." [5] [6]
According to a 2021 report by a cyber-security company, "Iran is running two surveillance operations in cyber-space, targeting more than 1,000 dissidents". [7]
Iran's cyber defense system, a "digital fortress" that is part of the national information network (national internet), is developed for thwarting attacks and engaging attackers. [8] In November 2022, the Iranian Majlis (Islamic Consultative Assembly) recommended a Passive Defence Incorporation. [9]
In June 2010, Iran was the victim of a cyber-attack when its nuclear facility in Natanz was infiltrated by the cyber-worm 'Stuxnet'. [10] Reportedly a combined effort by the United States and Israel, [11] Stuxnet destroyed perhaps over 1,000 nuclear centrifuges and, according to a Business Insider article, "[set] Tehran's atomic programme back by at least two years." [12] The worm spread beyond the plant to allegedly infect over 60,000 computers, but the government of Iran indicates it caused no significant damage. Iran crowdsourced solutions to the worm and is purportedly now better positioned in terms of cyber warfare technology. [10] No government has claimed responsibility for the worm. [12] The cyber-worm was also used against North Korea.
The Iranian government has been accused by Western analysts of its own cyber-attacks against the United States, Israel and Persian Gulf Arab countries, but denied this, including specific allegations of 2012 involvement in hacking into American banks. [12] The conflict between Iran and the United States has been called "history's first known cyber-war" by Michael Joseph Gross in mid-2013. [37]
Iranian armed forces install malware apps for espionage on Android phones. [59] They could steal victims' identities, according to Microsoft. [60]
On May 5, 2020, Reuters reported, quoting a monthly Facebook report, that Iranian state-run media had used hundreds of fake social media accounts, online since at least 2011, to covertly spread pro-Iranian messaging aimed at voters in countries including Britain and the United States. [61] The accounts were suspended for coordinated inauthentic behavior, with eight networks removed in recent weeks, including one with links to the Islamic Republic of Iran Broadcasting. [61]
Persian Wikipedia is the Persian language version of Wikipedia. The Persian version of Wikipedia was started in December 2003. As of March 2024, it has 994,575 articles, 1,291,755 registered users, and 89,131 files, and it is the 19th largest edition of Wikipedia by article count, and ranks 22nd in terms of depth among Wikipedias. It passed 1,000 articles on December 16, 2004, and 200,000 on July 10, 2012. Roozbeh Pournader is the project's first administrator, developer, and bureaucrat.
Cyberwarfare is the use of cyber attacks against an enemy state, causing comparable harm to actual warfare and/or disrupting vital computer systems. Some intended outcomes could be espionage, sabotage, propaganda, manipulation or economic warfare.
Iran is notable for the degree of internet censorship by its government. Iran ranked second in the world for internet censorship in 2022, after repeatedly shutting off the internet in parts of the country and blocking access to social media platforms to curb protests sparked by Mahsa Amini's death, a new poll has shown. The country now targets Virtual Private Networks (VPNs) in order to completely cut people off from access to outside media. Several popular social media platforms and instant messaging applications are blocked by the Iranian government and the Islamic Revolutionary Guard Corps (IRGC), including YouTube, Facebook, Twitter, WhatsApp, Telegram, Snapchat, Reddit, Medium, Instagram, and Threads. Some streaming services, including Netflix and Hulu, are also blocked by the government. Websites relating to health, science, sports, news, pornography, and shopping are also routinely blocked.
A supply chain attack is a cyber-attack that seeks to damage an organization by targeting less secure elements in the supply chain. A supply chain attack can occur in any industry, from the financial sector, oil industry, to a government sector. A supply chain attack can happen in software or hardware. Cybercriminals typically tamper with the manufacturing or distribution of a product by installing malware or hardware-based spying components. Symantec's 2019 Internet Security Threat Report states that supply chain attacks increased by 78 percent in 2018.
An advanced persistent threat (APT) is a stealthy threat actor, typically a state or state-sponsored group, which gains unauthorized access to a computer network and remains undetected for an extended period. In recent times, the term may also refer to non-state-sponsored groups conducting large-scale targeted intrusions for specific goals.
Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition (SCADA) systems and is believed to be responsible for causing substantial damage to the nuclear program of Iran. Although neither country has openly admitted responsibility, multiple independent news organizations recognize Stuxnet to be a cyberweapon built jointly by the United States and Israel in a collaborative effort known as Operation Olympic Games. The program, started during the Bush administration, was rapidly expanded within the first months of Barack Obama's presidency.
Duqu is a collection of computer malware discovered on 1 September 2011, thought by Kaspersky Labs to be related to the Stuxnet worm and to have been created by Unit 8200. Duqu has exploited Microsoft Windows's zero-day vulnerability. The Laboratory of Cryptography and System Security of the Budapest University of Technology and Economics in Hungary discovered the threat, analysed the malware, and wrote a 60-page report naming the threat Duqu. Duqu got its name from the prefix "~DQ" it gives to the names of files it creates.
Flame, also known as Flamer, sKyWIper, and Skywiper, is modular computer malware discovered in 2012 that attacks computers running the Microsoft Windows operating system. The program is used for targeted cyber espionage in Middle Eastern countries.
Operation Olympic Games was an ostensible and still unacknowledged campaign of sabotage by means of cyber disruption, directed at Iranian nuclear facilities likely by the United States and Israel. As reported, it is one of the first known uses of offensive cyber weapons. Started under the administration of George W. Bush in 2006, Olympic Games was accelerated under President Obama, who heeded Bush's advice to continue cyber attacks on the Iranian nuclear facility at Natanz. Bush believed that the strategy was the only way to prevent an Israeli conventional strike on Iranian nuclear facilities.
Cyberweapons are commonly defined as malware agents employed for military, paramilitary, or intelligence objectives as part of a cyberattack. This includes computer viruses, trojans, spyware, and worms that can introduce malicious code into existing software, causing a computer to perform actions or processes unintended by its operator.
A cyberattack is any offensive maneuver that targets computer information systems, computer networks, infrastructures, personal computer devices, or smartphones. An attacker is a person or process that attempts to access data, functions, or other restricted areas of the system without authorization, potentially with malicious intent. Depending on the context, cyberattacks can be part of cyber warfare or cyberterrorism. A cyberattack can be employed by sovereign states, individuals, groups, societies or organizations and it may originate from an anonymous source. A product that facilitates a cyberattack is sometimes called a cyber weapon. Cyberattacks have increased over the last few years. A well-known example of a cyberattack is a distributed denial of service attack (DDoS).
Triton is malware first discovered at a Saudi Arabian petrochemical plant in 2017. It can disable safety instrumented systems, which can then contribute to a plant disaster. It has been called "the world's most murderous malware."
Cyberwarfare has been a component of the confrontation between Russia and Ukraine since the Revolution of Dignity in 2013-2014. While the first attacks on information systems of private enterprises and state institutions of Ukraine were recorded during mass protests in 2013, the Russian cyberweapon Uroburos had been around since 2005. Russian cyberwarfare continued with the 2015 Ukraine power grid hack at Christmas 2015 and again in 2016, paralysis of the State Treasury of Ukraine in December 2016, a mass hacker supply-chain attack in June 2017 and attacks on Ukrainian government websites in January 2022.
Sandworm is an advanced persistent threat operated by Military Unit 74455, a cyberwarfare unit of the GRU, Russia's military intelligence service. Other names for the group, given by cybersecurity researchers, include Telebots, Voodoo Bear, IRIDIUM, Seashell Blizzard, and Iron Viking.
The Iranian fuel 2021 cyberstrike was an attack on the Iranian fuel system, government-issued cards used for buying subsidized fuel, and digital road billboards. The attack took place on 26 October 2021. The government announced that people had to buy gas without their ration card. According to the Supreme Council of Cyberspace, the attacks were similar to the attack on the Iranian rail road transit system in July. Iranian President Ebrahim Raisi stated, "this cyberattack is neither the first time nor will it be the last."
The Islamic Revolutionary Guards Corps Cyber Security Command is a command of the Iranian Islamic Revolutionary Guard Corps responsible for cyber warfare and cyber security. It was founded in 2006 (1386); its command was established in 2015 (1393).
Behzad Mesri is an Iranian hacker who is wanted by the FBI for hacking the HBO Network. Mesri is charged with the following crimes: Computer Fraud - Unauthorized Access to a Protected Computer, Internet Fraud, Computer Fraud - Threat to Breach Confidentiality, Computer Fraud - Threat to Harm a Protected Computer and Breach of Confidentiality, Interstate Sending a Threatening correspondence and aggravated identity theft.
Uprising till Overthrow is an Iranian hacker group affiliated with the People's Mojahedin Organization. This group has hacked the website of the Islamic Consultative Assembly and has published the legal slips of the members of the Islamic Consultative Assembly of Iran. The hacking of the website was confirmed by Iran's domestic media, but the receipts published by Iran's media are said to be fake.