The Iranian Cyber Threat

Iran’s Cyber Force is one of the most powerful in the world today. Their force of cyber warriors has executed a number of crippling attacks and their warriors are among an extensive and secretive network of hackers, some of which cannot be traced to any one particular group. In this three-part series we have broken down the Iranian cyber structure and delved into detail with Iran’s leading offensive arm, the Iranian Cyber Army, and the impact of their attacks.

Part 1: Iran’s Total Cyber Structure

The structure of Iran’s cyber force is sophisticated and difficult to comprehend. The level of control and security over the communication and links between members is such that some of the hackers are not even aware of the fact that they’re working for the Iranian government.  In regards to the skillful and talented members in the group and substantial investment, experts have compared, in some cases, the Iranian hackers’ performance to their counterparts in the United States, China, Russia and Israel (to gain a more in-depth comparison of the world’s top cyber-literate countries visit our blog 2013 the Year of the Cyber-War).

Below, we have broken down the structure for each sector of Iran’s cyber workforce:

High Council of Cyberspace

In Iran, the highest government body that deals with Cyberspace is a newly established organization named the High Council of Cyberspace. This council includes high-level Iranian authorities such as:

• Parliament
• Heads of the judicial power
• The President
• Head of the state-run radio-television
• Police
• Ministers of Intelligence, Telecommunication, Culture, Science, etc.

This organization was set up in March of 2012 by order of supreme leader Ayatollah Khamenei with the mission of instituting high-level policies on cyberspace. All other Iranian organizations in charge of cyber operations are committed to operate under this new establishment.

Iran’s Cyber Army

Iran’s Cyber Army is a group comprised of highly skilled specialists in information technology and professional hackers whose identities are unknown. This group is not officially registered and no agency or government organization has assumed responsibility for it; however, irrefutable evidence suggests that the group is affiliated with the IRGC. The IRGC has not yet officially assumed responsibility for Iran’s Cyber Army, yet some IRGC authorities have made references to the activities of the Cyber Army and its connections to this military force.

Defense Command

In November of 2010, right after Iran’s atomic facilities were attacked by the Stuxnet virus, an organization called “The Cyber Defense Command” was created in Iran under the supervision of the country’s Passive Civil Defense Organization which itself is a subdivision of the Joint Staff of the Armed Forces.

According to the head of the Passive Civil Defense Committee, the Cyber Defense Command is responsible for providing security to the country and its infrastructure against cyber threats. From the way officials have defined this command, its work is “defense” against cyber-attacks. The idea of having a cyber-defense command was introduced by some government officials a few years before, but they only managed to convince senior authorities of the regime to approve the creation of such an organization after the Stuxnet virus attack on Iran’s nuclear facilities by Israel and the United States.

The Police

Since the 2009 Iranian presidential election, which resulted in protests by green movement supporters in response to allegedly fraudulent election results, the Iranian police have been paying growing attention to the country’s Internet operations as well.

In September 2009, the chief police commander announced the creation of the Cyber Police. This special police unit was named “FETA Police”. This group’s main task is to confront Internet crimes. One responsibility of FETA Police is similar to what is done with Internet crimes in other countries and includes combating fraud, personal information theft, threats, etc. However, this police unit also has the responsibility to combat so-called “political and security crimes” as well.

One of the Tehran police officials summarized the duties of this force as follows:

• Identify technical weaknesses of government sites and ways to remove them.
• Infiltrate “distasteful” sites and “criminal” email accounts.

In fact, the most important activity of the police in cyberspace is controlling Internet users by applying pressure on ISPs and forcing them to provide information on Internet users.

Basij Paramilitary Force

Basij Paramilitary Force is the least professional unit among the institutions within the Iranian regime for Internet operations. In recent years, Basij has made large investments for such operations. It must be mentioned that after its reorganization in 2007, the armed units of the Basij have now become members of the ground forces of the IRGC while its non-military units, which constitute the majority of the Basij units, have the responsibility for soft war and are particularly in charge of cyber war with enemies of the Iranian regime.

Despite the extensive planning of the Basij and the IRGC to expand the activities of the Cyber Council; compared to Iran Cyber’s Army, this body is still made up of mostly inexperienced individuals who engage in less complex hacking or infiltration operations on sites and emails, while the more sophisticated operations rest with the Iran Cyber Army of the IRGC.

Continue reading about Iran’s leading offensive arm in Part 2 of this series on Iran’s Cyber Force, Part 2: Iranian Cyber Army.