Cyberwarfare by Iran


Cyberwarfare is a part of Iran's "soft war" military strategy. Being both a victim and wager of cyberwarfare, [1] Iran is considered an emerging military power in the field. [2]


Since November 2010, an organization called "The Cyber Defense Command" (Persian: قرارگاه دفاع سایبری; Gharargah-e Defa-e Saiberi) has been operating in Iran under the supervision of the country's "Passive Civil Defense Organization" (Persian: سازمان پدافند غیرعامل; Sazeman-e Padafand-e Gheyr-e Amel), which is itself a subdivision of the Joint Staff of Iranian Armed Forces. [3]

According to a 2014 report by the Institute for National Security Studies, Iran is "one of the most active players in the international cyber arena". [4] In 2013, a Revolutionary Guards general stated that Iran has "the 4th biggest cyber power among the world's cyber armies." [5] [6]

According to a 2021 report by a cyber-security company, "Iran is running two surveillance operations in cyber-space, targeting more than 1,000 dissidents". [7]

NIN

The Iranian cyber defense system, a "digital fortress" that is part of the National Information Network (the national internet), is developed to thwart attacks and engage attackers. [8] In November 2022, the Iranian Majlis (Islamic Consultative Assembly) recommended a Passive Defence Incorporation. [9]

Attacks against Iran

In June 2010, Iran was the victim of a cyber-attack when its nuclear facility in Natanz was infiltrated by the cyber-worm 'Stuxnet'. [10] Reportedly a combined effort by the United States and Israel, [11] Stuxnet destroyed perhaps over 1,000 nuclear centrifuges and, according to a Business Insider article, "[set] Tehran's atomic programme back by at least two years." [12] The worm spread beyond the plant to allegedly infect over 60,000 computers, but the government of Iran indicates it caused no significant damage. Iran crowdsourced solutions to the worm and is purportedly now better positioned in terms of cyber warfare technology. [10] No government has claimed responsibility for the worm. [12] The cyber-worm was also used against North Korea. [citation needed]

Events

Attacks by Iran

The Iranian government has been accused by Western analysts of its own cyber-attacks against the United States, Israel and Persian Gulf Arab countries, but denied this, including specific allegations of 2012 involvement in hacking into American banks. [12] The conflict between Iran and the United States has been called "history's first known cyber-war" by Michael Joseph Gross in mid-2013. [38]

Events

Command and control

Iranian armed forces install malware apps for espionage on Android phones. [61] They could steal victims' identities, according to Microsoft. [62]

Suspended Iranian accounts

On May 5, 2020, Reuters reported, quoting a monthly Facebook report, that Iranian state-run media had used hundreds of fake social media accounts to covertly spread pro-Iranian messaging online since at least 2011, targeting voters in countries including Britain and the United States. [63] The accounts were suspended for coordinated inauthentic behavior, as part of the removal of eight networks in recent weeks, including one with links to the Islamic Republic of Iran Broadcasting. [63]

See also

Alleged operations and malware against Iran
Alleged operations and malware by Iran

References

  1. Joshi, Shashank. "Iran, the Mossad and the power of cyber-warfare". Archived from the original on October 3, 2013. Retrieved March 18, 2015.
  2. "Iran's military is preparing for cyber warfare". The Telegraph. October 3, 2013. Archived from the original on August 10, 2018. Retrieved March 18, 2015.
  3. Bastani, Hossein (December 13, 2012). "Structure of Iran's Cyber Warfare". Institut Français d’Analyse Stratégique. Archived from the original on May 23, 2019. Retrieved March 18, 2015.
  4. Siboni, Gabi; Kronenfeld, Sami (April 3, 2014). "Developments in Iranian Cyber Warfare, 2013–2014". INSS Insight. Institute for National Security Studies. Archived from the original on January 5, 2020. Retrieved March 18, 2015.
  5. "Israeli Think Tank Acknowledges Iran as Major Cyber Power, Iran Claims its 4th Biggest Cyber Army in World". Hack Read. October 18, 2013. Archived from the original on May 30, 2019. Retrieved March 18, 2015.
  6. "Iranian Cyber Threat to the U.S. Homeland". www.govinfo.gov. Archived from the original on 2021-10-28. Retrieved 2021-10-28.
  7. "Iran 'hides spyware in wallpaper, restaurant and games apps'". BBC News. 8 February 2021. Archived from the original on 2021-08-07. Retrieved 2021-10-28.
  8. "شکست حملات سایبری در مقابل"دژفا"". 2020-02-09. Archived from the original on 2020-02-09. Retrieved 2021-10-28.
  9. "آغاز جلسه علنی مجلس/ طرح تشکیل سازمان پدافند غیرعامل در دستور". 6 November 2022. Archived from the original on 13 November 2022. Retrieved 13 November 2022.
  10. "Stuxnet and the Future of Cyber War". James P. Farwell and Rafal Rohozinski.
  11. Sanger, David E. (1 June 2012). "Obama Order Sped Up Wave of Cyberattacks Against Iran". The New York Times. Archived from the original on 1 June 2012. Retrieved 1 June 2012.
  12. "US General: Iran's Cyber War Machine 'A Force To Be Reckoned With'". Business Insider. Archived from the original on 2019-04-02. Retrieved 2017-11-14.
  13. McElroy, Damien (October 2, 2013). "Iranian cyber warfare commander shot dead in suspected assassination". The Telegraph. Archived from the original on October 7, 2019. Retrieved March 18, 2015.
  14. "Iran accuses Israel of failed cyber attack". Reuters. 5 November 2018. Archived from the original on 2020-05-28. Retrieved 2018-11-06.
  15. "Iran accuses Israel of failed cyber attack - CNA". Archived from the original on 2019-09-10. Retrieved 2018-11-06.
  16. Browne, Ryan; Turak, Natasha (5 October 2022). "Hacktivists seek to aid Iran protests with cyberattacks and tips on how to bypass internet censorship". CNBC. Archived from the original on 2023-01-13. Retrieved 2023-03-09.
  17. "ماجرای حمله سایبری به سایت وزارت علوم چه بود؟". اعتمادآنلاین (in Persian). 2023-09-24. Retrieved 2023-09-24.
  18. فردا, رادیو (2023-09-24). "سایت وزارت علوم ایران "هک شد"؛ هکرها می‌گویند به "بیش از ۲۰ هزار سند" دست یافته‌اند". رادیو فردا (in Persian). Retrieved 2023-09-24.
  19. قربانی, زهرا (2023-09-23). "ماجرای هک سایت وزارت علوم چیست؟ / سامانه‌های دولتی زیر ذره‌بین هکر‌ها". راه پرداخت (in Persian). Retrieved 2023-09-24.
  20. "واکنش عجیب رییس بنیاد شهید به هک شدن سرورهای این سازمان؛ اطلاعاتی حساسی نداشتیم!". اعتمادآنلاین (in Persian). 2023-09-24. Retrieved 2023-09-24.
  21. "ماجرای هک سایت وزارت امور خارجه چه بود؟". اعتمادآنلاین (in Persian). 2023-09-24. Retrieved 2023-09-24.
  22. "هک شرکت‌های بیمه در ایران و نگرانی از ضعف امنیت سایبری". BBC News فارسی (in Persian). 2023-09-04. Retrieved 2023-09-24.
  23. فردا, رادیو (2023-09-04). "برکناری رئیس کل بیمه مرکزی ایران در پی اخبار "هک اطلاعات ۱۸ شرکت بیمه"". رادیو فردا (in Persian). Retrieved 2023-09-24.
  24. "پس‌لرزه‌های هک اطلاعات ۱۸ شرکت بیمه؛ رئیس کل بیمه مرکزی ایران برکنار شد". صدای آمریکا (in Persian). 2023-09-04. Retrieved 2023-09-24.
  25. "ابعاد هک و انتشار اطلاعات شخصی خبرنگاران و کارکنان خبرگزاری فارس بررسی شود". اعتمادآنلاین (in Persian). 2023-09-24. Retrieved 2023-09-24.
  26. قربانی, زهرا (2023-09-20). "ماجرای هک سازمان ثبت‌احوال چه بود؟". راه پرداخت (in Persian). Retrieved 2023-09-24.
  27. "هشدار هکرهای بلک رویوارد: اگر رژیم به خواست مردم تن ندهد، اسناد هسته‌ای را رو می کنیم". ایران اینترنشنال (in Persian). 2023-09-22. Retrieved 2023-09-24.
  28. "سند هک شده: وزارت خارجه جمهوری اسلامی نشستی برای مدیریت بحران پهپادی در اوکراین برگزار کرد". ایران اینترنشنال (in Persian). 2024-01-25. Retrieved 2024-01-25.
  29. "اختلال سراسری در پمپ بنزین‌های ایران؛ "گنجشک درنده": حمله سایبری کار ما بود". BBC News فارسی (in Persian). 2023-12-18. Retrieved 2024-01-25.
  30. "هکرهای شرکت «اسنپ فود» نهایی شدن دریافت باج را تائید کردند". BBC News فارسی (in Persian). 2024-01-01. Retrieved 2024-03-01.
  31. فردا, رادیو (2024-02-13). "روابط عمومی مجلس هک وب‌سایت‌ها و «دسترسی» هکرها به اسناد مجلس را تأیید کرد". رادیو فردا (in Persian). Retrieved 2024-03-01.
  32. "هک وب‌سایت‌های مجلس؛ هکرها «حقوق ۲۰۰ میلیونی» نمایندگان و مزایایی مانند «آجیل شب یلدا» را فاش کردند". صدای آمریکا (in Persian). 2024-02-13. Retrieved 2024-03-01.
  33. "حمله سایبری هکرهای روسی به سفارت‌خانه‌های جمهوری اسلامی". ایران اینترنشنال (in Persian). 2024-03-01. Retrieved 2024-03-01.
  34. "Justice Of Iran". web.archive.org. 2024-02-21. Retrieved 2024-03-01.
  35. "هکرهای گمنام چهارده گیگابایت اطلاعات از سرورهای دانشگاه صنعتی مالک اشتر استخراج کردند". صدای آمریکا (in Persian). 2024-02-22. Retrieved 2024-03-01.
  36. "US Cyberattack Hit 2 Iranian Military Ships in Red Sea". Voice of America. 2024-02-16. Retrieved 2024-03-01.
  37. https://www.iranintl.com/202405160242
  38. "Silent War". Vanity Fair. July 2013. Archived from the original on 2014-11-15.
  39. Joseph Marks (22 April 2015). "Iran launched major cyberattacks on the Israeli Internet". Politico. Archived from the original on 10 November 2014. Retrieved 27 April 2015.
  40. Micah Halpern (22 April 2015). "Iran Flexes Its Power by Transporting Turkey to the Stone Age". Observer. Archived from the original on 14 December 2019. Retrieved 27 April 2015.
  41. "Iran blamed for cyberattack on Parliament that hit dozens of MPs, including Theresa May". The Telegraph. 14 October 2017. Archived from the original on 6 December 2017. Retrieved 6 December 2017.
  42. "Israel's Jerusalem Post Website Hacked". Reuters. 3 January 2022. Archived from the original on 2022-01-03. Retrieved 2022-01-03.
  43. "Jerusalem Post website hacked with Iran warning on anniversary of Soleimani killing". The Times of Israel. Archived from the original on 2022-01-03. Retrieved 2022-01-03.
  44. Yonah Jeremy Bob (2022-03-14). "Cyberattack against Israeli sites follows reports of failed Mossad op against Iran". The Jerusalem Post. Archived from the original on 2022-03-14. Retrieved 2022-03-14.
  45. Yaniv Kubovich. "Israeli Government Sites Crash in Cyberattack". Haaretz. Archived from the original on 2022-03-14. Retrieved 2022-03-14.
  46. "New Entries in the CFR Cyber Operations Tracker: Q3 2022". Council on Foreign Relations. Archived from the original on 2023-04-26. Retrieved 2023-03-09.
  47. Agencies. "Albania cuts diplomatic ties with Iran, boots out diplomats over July cyberattack". www.timesofisrael.com. Archived from the original on 2022-11-17. Retrieved 2023-03-09.
  48. "Iranian hackers compromise US government network in cryptocurrency generating scheme, officials say". Archived from the original on 2022-11-17. Retrieved 2022-11-17.
  49. "Iranian hacker group Agrius launches Moneybird ransomware attacks on Israeli entities". www.2-spyware.com. 2023-05-25. Retrieved 2023-05-25.
  50. Kleinman, Danielle (2023-03-07). "Iran Launches Cyberattack on Israeli University". FDD. Retrieved 2023-05-25.
  51. "Iran suspect in cyberattack targeting Israeli shipping, financial firms - Al-Monitor: Independent, trusted coverage of the Middle East". www.al-monitor.com. 2023-05-24. Retrieved 2023-05-25.
  52. "Iran state-backed hackers are shifting to disinformation, Microsoft says".
  53. "هکرهای سپاه پاسداران مخالفان رژیم جمهوری اسلامی را در آلمان هدف قرار می‌دهند". ایران اینترنشنال (in Persian). 2024-01-25. Retrieved 2024-01-25.
  54. Lyngaas, Sean; Sgueglia, Kristina (2023-11-28). "Federal officials investigating after pro-Iran group allegedly hacked water authority in Pennsylvania". CNN. Retrieved 2023-11-29.
  55. Kohli, Pankaj (2023-07-27). "Uncovering an Iranian mobile malware campaign". Sophos News. Retrieved 2023-12-02.
  56. "OilRig's persistent attacks using cloud service-powered downloaders". www.welivesecurity.com. Retrieved 2024-01-25.
  57. "حمله سایبری هکرهای جمهوری اسلامی موجب قطع آب منطقه‌ای در ایرلند شد". ایران اینترنشنال (in Persian). 2024-03-01. Retrieved 2024-03-01.
  58. "Disrupting malicious uses of AI by state-affiliated threat actors". February 14, 2024.
  59. "Staying ahead of threat actors in the age of AI". February 14, 2024.
  60. https://www.haaretz.com/israel-news/security-aviation/2024-04-16/ty-article/.premium/click-here-for-sensitive-israeli-data-iran-linked-website-leaks-hacked-secret-info/0000018e-e6c8-de97-a5bf-f6f876a10000
  61. "Lookout Discovers Android Spyware Tied to Iranian Police Targeting Minorities: BouldSpy". Archived from the original on 2023-05-01. Retrieved 2023-04-30.
  62. "Rinse and repeat: Iran accelerates its cyber influence operations worldwide". 2 May 2023.
  63. "Facebook says it dismantles disinformation network tied to Iran's state media". Reuters. 5 May 2020. Archived from the original on 21 August 2021. Retrieved 28 October 2021.