Cyberspace and Cyber Warfare Capabilities of Iran

Introduction

The Internet is probably the most valuable asset for billions of people around the world. It plays key roles in our social life, governance, education, and economy, and has become an inseparable part of free speech. The Internet greatly assisted the Arab Spring, the revolutionary wave of protests in the Arab world that began in December 2010, and became a source of self-determination and freedom of expression in several conservative countries, including Iran.

Welcome to the Persian Cyberspace

According to research conducted by the OpenNet Initiative, Internet usage in Iran is increasing sharply, at about 48 percent annually, making Iran a leader among Middle Eastern countries. Approximately 37 million citizens of Iran now have access to the Internet, and as the Internet penetration rate grows, Iran’s Internet culture is developing rapidly.

Blogs play a prominent role in the development of Iranian Internet culture. With an estimated 80,000 blogs, Farsi is now the fourth most popular language for keeping online journals. This rapid growth of blogging started in 2001, when the Iranian government shut down hundreds of print newspapers; unemployed journalists went online, and readers followed. One of the leaders of the Iranian blogging revolution was Hossein Derakhshan, aka Hoder, who helped to promote podcasting in Iran and set in motion a community’s surreal flight into free speech. This Iranian blogger, who is a citizen of Canada, visited Israel as a journalist and peace activist in 2008. After his return to Tehran, the Iranian government arrested Hoder on suspicion of spying for Israel and sentenced him to 19½ years in prison on September 28, 2010. The government stated that Hossein admitted to spying for Israel, but the majority of free bloggers consider this admission to be the result of pressure and probably torture too.

At the beginning, authorities encouraged Internet use, thinking it was a good way to spread pro-Islamic and pro-government ideology, and hundreds of private ISPs emerged. However, from 2001 all of them were connected through the Data Communication Company of Iran (DCI), a subsidiary of the state-controlled Telecommunication Company of Iran (TCI), allowing government authorities to interfere in ISPs’ policies.

TCI has a monopoly over Iran’s fixed-line infrastructure, the largest cellular operator, major ISPs and data communication operators. In 2009, the majority of TCI’s shares were sold to a private consortium; this transaction was considered the largest in the history of the Tehran stock exchange. “This transaction has both bad and good news for Iranians,” Reza Hashemi, an Iranian blogger, wrote on his blog. “Internet filtering technologies, fiber optics infrastructure, satellite services and customer care and privacy concerns for all these communication services are dependent on this new ownership and their decisions and how they deal with regulations.” After the privatization of TCI, its policy did not change much: authorities still interfere in the activities of this communication body and censorship continues, so positive changes in this field cannot be expected for the Iranian people.

Online Censorship

Considered the worst in the world with regard to online censorship, the Iranian regime regularly takes severe steps to limit free speech and information sharing in cyberspace. One of these steps is the creation of a new national ‘halal’ network, aimed at Muslims on an ethical and moral level. The word halal means compliant with Islamic law; considering this, we may assume that authorities will easily block access to even more websites using their national network, thus opening a path for online censorship. Ali Aghamohammad, Iran’s head of economic affairs, said recently that the new network would operate in parallel to the normal Internet – banks, government ministries and large companies would continue to have access to the regular Internet. He also mentioned that the national network could replace the global Internet in Iran, as well as in other Muslim countries.

Cutting Iran out of the global network will have two bad consequences. Firstly, the formation of a new, separate Internet network will definitely make cyber crime investigation harder, and considering the Iranian regime’s policy, we may assume that cyber crime investigation in Iran will be impossible for international bodies. In addition, use of the new Islamic network for cyber attacks will provide additional anonymity for offenders. Presumably, for these reasons the ‘halal’ network will become a shelter for cyber criminals from all around the world, thus dramatically increasing the number of cyber attacks initiated from Iran. Secondly, it will inevitably amplify and simplify online censorship by the government. Iranians will not be able to visit any websites other than those carrying Islamic messages, and this will definitely lock Iranian society out of development. Steps like this may transform Iran into the North Korea of the Middle East.

While the initiative to create a national Internet is still under development, Iranian authorities constantly block and filter certain types of Internet traffic. Iranian Internet users are having difficulties using the HTTPS (secured HTTP) protocol, which is used for transferring data between server and web browser, and websites that use SSL, the cryptographic protocol that secures communication on the Internet. This means that many modern websites and services such as Facebook, Google, Twitter, Hotmail, and others, which use HTTPS to protect private data, are not available to regular Internet users in Iran. In order to control cyberspace completely, the government has blocked ports for VPN (Virtual Private Network) and anonymity tools like Tor, which is one of the major ways of staying anonymous on the Internet. According to War for the Web, by blocking Tor traffic, Iran is telling its citizens that it will monitor their Internet traffic and will prevent them from disguising it. Even some Iranian cybersecurity experts are against such censorship. According to Ehsan Narouzi, an Iranian cybersecurity expert who left Iran after 2009 and now lives in Germany, “They [authorities] want to execute a plan where no one has protection, so they can trace whoever is involved in what they perceive as antigovernment activity at any given moment and at any location.”

Furthermore, the Ministry of Information Communication Technology (MICT) issued 20 new restrictive regulations on cybercafés in 2011. These regulations force Internet cafés to install security cameras, document users’ browsing history and usage data, and collect personal information for each session of use. According to the Electronic Frontier Foundation (EFF), Internet cafés will also be required to write down the forename, surname, name of the father, national ID number, postcode and telephone number of each customer and retain such information for at least six months. MICT stated, “These rules are aimed at promoting transparency and organization for Internet businesses and offer more protection against online abuse.” However, Internet café owners think that these regulations will deter customers from using their establishments, forcing them to close. Considering that cybercafés are cultural centers in many Iranian towns and probably the major source of freedom of expression, these regulations will definitely restrict young people from using the Internet and visiting websites not controlled by the government.

Iran’s campaign against online expression extends into the real world too. The Iranian government officially acknowledges executing 17 people since January 2012; however, Amnesty International reports receiving information that the true number may be closer to 39 executions. Vahid Asghari, a 24-year-old student in India, and Saeed Malekpour, a 36-year-old web and circumvention tool developer based in Canada, have been arrested and accused of hosting websites with “pornographic” content and of creating a photo-uploading program used for uploading pornographic images. Amnesty International reports that Asghari wrote to a judge that “he had been subjected to torture, forced to make a televised ‘confession’ and forced to make spying allegations against high profile blogger Hossein Derakhshan.”

The government’s campaign and its ‘battle to secure Iranian people from other cultures’ have transformed Iran into a police state: people are unable to exercise internationally acknowledged rights, and they continue living in fear of being sentenced to death for having different thoughts. Besides the legal issues concerning online censorship, the economic, technical, and cultural development of Iran is in question too. Cutting the Iranian people off from the Internet will cause thousands of businesses to close, and the development of technical skills will slow significantly, damaging the Iranian economy in every way. It is surprising that Iran, a country that seeks to develop nuclear power, is trying to limit the development of its future technical workforce; probably in a few years, Iran will not be able to maintain any global competitive edge in technological or creative innovation. Even if Stuxnet, Flame and other such threats prompted this campaign, it is still a false conclusion that any country can be secure by cutting itself off from the Internet. We must not forget that Stuxnet, and probably Flame too, spread by USB hard disk, requiring no remote interference.

Cyber Warfare and Cyber Army

In the 21st century, a permanent war is going on in the virtual battlefield, and in order to succeed, some countries are creating new army divisions for defensive and offensive purposes. Recent cyber attacks on Estonia and Georgia, and cyber war weapons like Stuxnet, DuQu, and Flame, are probably the most visible reasons why a cyber army has become an important asset for the majority of countries, and especially for Iran. After the discovery of Stuxnet, Iran began actively investing in the formation of its own cyber army unit, and today Iran has the second largest and probably the most hostile cyber army, ready to attack western countries at any time.

The Iranian Revolutionary Guards Corps (IRGC) raised the idea of an Iranian Cyber Army in 2005. Intelligence agencies thought that the cooperation of identified hackers would be useful to pinpoint their ‘western rivals’; for this reason, authorities started recruiting hackers and private cyber security companies to teach their techniques to military technicians. The government’s policy toward hackers is harsh too: when authorities identify a professional hacker, they contact him and threaten him with imprisonment if he does not cooperate. According to the Public Broadcasting Service, individual relationships and the flow of information are so tightly controlled that many participants are not even aware that they have been recruited as government collaborators and members of the Cyber Army. The Iranian Cyber Army is responsible for attacks on Twitter, the Chinese search engine Baidu and Voice of America. According to PBS, “In the attack on Twitter, they hacked the computer of one of the company’s officers with a Trojan horse and were able, by utilizing his email, to reset the domain of his control panel. The method was similar to that used in an attack five years earlier on a NASA website by an Iranian hacker group. In attacking Jaras and other Iranian sites, the Cyber Army has employed the DNS cache spoofing technique to divert traffic from the intended domain.”

The Iranian Revolutionary Guard Corps, or Pasdaran, is a socio-military-political-economic force with influence reaching deep into Iran’s power structure. Former Supreme Leader Ayatollah Khomeini formed the IRGC in 1979; its current forces consist of naval, air, and ground components, totaling roughly 125,000 fighters.

According to Mohsen Sazegara, a former member of the Iranian Revolutionary Guard who now lives in the Washington, D.C. area, recruited hackers are paid $10,000 monthly, twenty times more than the average monthly salary in Iran. Furthermore, recent reports showed that the staff of RGCDC includes up to 2500 members, with an approximate budget of $80 million. Such an amount of money will surely attract Iranian youth and hackers to join national forces in the fight against Iran’s “western enemies”, and we may assume that such a policy will transform Iran into a more dangerous player for the international community.

Besides the IRGC, another body, the paramilitary volunteer militia Basij, is paid to do cyberwork on behalf of the regime and provides much of the workforce for Iran’s cyber-operations. During the war in Iraq, the Basij emerged as a volunteer force organized by civilians to provide support to the IRGC and the regular military. In March 2011, Ali Fazli, the acting chief of the Basij militia, admitted that hackers working for this military body attack websites used by “Iran’s enemies”. He noted that the Basij Technology and Information Department is working in the field of cyber warfare, and that without Basij members Iran would be unable to contend with its enemies. Fazli added that the Cyber Army working for the military organization has members who are lecturers, students, religion students, and women, who not only initiate attacks but also disseminate pro-Islamic and pro-Iranian information around Persian cyberspace; they are paid $60 for each subject they post on pro-Iranian blogs and about $1000 for each blog they create. The Basij also tries to control Persian cyberspace and fights against independent Internet activists by monitoring networks and even using force against people with dissenting views on the current regime.

The Iranian government’s latest $1 billion investment in the development of cyber war capabilities suggests that, while western nations try to impose economic restrictions and monitor its nuclear program, Iran is seriously developing its cyber war capabilities. These capabilities presumably include the recruitment of hackers and computer experts and the development of new Stuxnet-like cyber weapons and cyber defensive shields, strengthening its position in virtual warfare. According to Defense Tech’s ‘Iranian Cyber Warfare Threat Assessment’, Iran is in the top five of the global rating for cyber capabilities. In addition, recent reports show that Iran owns cyber weapons such as electromagnetic pulse weapons, compromised counterfeit computer software, wireless data communications jammers, computer viruses and worms, cyber data collection exploits, computer and network reconnaissance tools, and embedded Trojan time bombs.

Conclusion

All the above-mentioned facts and statements expose two main issues regarding the cyberspace of Iran. Firstly, the people of Iran are forced to live in a police state and under constant fear of being arrested for having different thoughts. Government restrictions and the wish to control the Internet are growing not annually but on a daily basis, slowing down economic, technical, and cultural development. Will Iran face the same waves of protest as Egypt did? Presumably, such restrictions are going to give rise to protests by young people who wish to develop their skills and are unable to do so because of restrictions on the use of the Internet. Eventually more Iranians will understand that they have internationally acknowledged human rights and a freedom of choice between a police state and a state without an oppressive regime, but the question is when.

Secondly, Iran is developing its cyber warfare capabilities by investing even more money in them. Iran does not hide its interest in unleashing its ‘cyber fury’ on western nations and has ample opportunities to do so. Presumably, the Islamic Republic is going to use cyber weapons if the international community does not stop imposing limitations on Iran. While Iranian cyber threats are rising, it is important for every country to start investing in cyber defense, because a series of cyber attacks may seriously damage or even destroy a country’s economy.
