Cyber Warfare in The Islamic Republic

05/29/2018
By Robin Wilson

The United States charged nine Iranians with the theft of intellectual property from American universities, companies, and government agencies through a yearlong cyber attack campaign.[1] These suspects work for an Iranian government contractor, the Mabna Institute, supposedly on behalf of the Islamic Revolutionary Guard Corps (IRGC).[2] The IRGC is Iran’s elite military force that defends the clerical regime both internally and externally.[3]

Beginning in 2013, these cyberattacks are known to have stolen intellectual property and academic data from 144 American universities and 176 universities located in twenty-one additional countries.[4] Through phishing, the fraudulent attempt to obtain sensitive information by posing as a trustworthy source in electronic communication, the nine targeted over 100,000 professor email accounts, threatening national security and causing economic harm of up to $3.4 billion to universities.[5] Additionally, at least thirty-six US-based and eleven international private companies were targeted and compromised, along with at least five government agencies, including the Labor Department and the Federal Energy Regulatory Commission.[6]

Since the United States and Iran have no diplomatic relations, the suspects will remain in Iran and not be extradited. However, the Justice Department has used indictments to prevent those involved from leaving Iran without the threat of arrest.[7] This is a strategy the United States has also used against the Russians recently accused of interfering in the 2016 presidential campaign.[8]

Researchers have described threatening Iranian actors as state-sponsored because of their suspected direct relationship with a government entity, the Islamic Revolutionary Guard Corps. Sometimes the actors are not integrated into the forces of the state, but in this case there is evidence that they were.[9]

Bahram Qassemi, an Iranian foreign ministry spokesperson, stated that the United States’ sanctions were an act of provocation, proving hostility towards Iran, and that they would not stop Iran’s technological advancement.[10] These events demonstrate an increasing sophistication among Iranian hackers. The country has recently been using proxy forces such as patriotic hackers, contractors, university students, and engineers to attack and investigate Iran’s enemies. Since around 2012, there has been a notable string of successful Iranian hacking.[11] At least part of this development can be attributed to Stuxnet, the 2010 cyber attack on Iranian nuclear facilities. The reported U.S.-Israeli project caused Tehran to release increasingly sophisticated cyber attacks on its adversaries in response to threats on its nuclear programs.[12]

At first, online breaches were employed to combat domestic political opposition, but they have since turned to private companies of the US and its allies.[13] Recently, Iran has also been blamed for a cyber attack on the United Kingdom, though it is not known if the same hackers were to blame or a different entity. This accessing of Parliament’s email accounts is described as proof of Iran becoming “more aggressive and capable as a cyberpower.” It should be noted, however, that this increasing use of information theft is not confined to Iran, but is found in a number of states.[14]

On the topic of the US, Iran, and cyber attacks, there was recently an attack on thousands of routers worldwide. Hackers left the message “Don’t mess with our elections,” accompanied by the American flag. While Iran was only slightly affected in comparison to other countries, it is a demonstration of ongoing tensions.[15]

This event could have far more consequences regarding relations between Iran and other countries, such as the nuclear deal.[16] Unless President Trump waives them in May, U.S. sanctions that have been lifted under the Joint Comprehensive Plan of Action (JCPOA) will resume. Tehran has stated that it won’t violate the JCPOA, but it did say that an American withdrawal from the deal would cause remorse.[17] Trump has denounced this deal many times. This conflict could cause Iran to move further away from a relationship with the US and to further strengthen its ties with China and Russia in order to reduce any impact of American decisions.[18]

 

[1] Benner, K., & Perlroth, N. (2018, March 23). U.S. Charges 9 Iranians in Huge Theft of Intellectual Property. Retrieved April 16, 2018, from https://www.nytimes.com/2018/03/23/us/politics/iranians-hacking-scheme-irgc.html

[2] Ibid.

[3] Volz, D. (2018, March 24). U.S. charges, sanctions Iranians for global cyber attacks on behalf… Retrieved April 16, 2018, from https://www.reuters.com/article/us-usa-cyber-iran/u-s-charges-sanctions-iranians-for-global-cyber-attacks-on-behalf-of-tehran-idUSKBN1GZ22K

[4] Ibid.

[5] Breuninger, K., Forkin, J., & Mangan, D. (2018, March 23). Iranian hackers attacked college professors, US agencies and companies: Justice Department. Retrieved April 16, 2018, from https://www.cnbc.com/2018/03/23/us-indicts-iranian-nationals-in-iran-government-backed-scheme-on-us-universities.html

[6] Ibid.

[7] Benner, K., & Perlroth, N. (2018, March 23). U.S. Charges 9 Iranians in Huge Theft of Intellectual Property. Retrieved April 16, 2018, from https://www.nytimes.com/2018/03/23/us/politics/iranians-hacking-scheme-irgc.html

[8] Ibid.

[9] Anderson, C., & Sadjadpour, K. (2018, January 04). Iran’s Cyber Threat: Espionage, Sabotage, and Revenge. Retrieved April 16, 2018, from https://carnegieendowment.org/2018/01/04/iran-s-cyber-threat-espionage-sabotage-and-revenge-pub-75134

[10] BBC. (2018, March 24). Iran angered by US imposition of cyber sanctions. Retrieved April 16, 2018, from http://www.bbc.com/news/world-middle-east-43527152

[11] Benner, K., & Perlroth, N. (2018, March 23). U.S. Charges 9 Iranians in Huge Theft of Intellectual Property. Retrieved April 16, 2018, from https://www.nytimes.com/2018/03/23/us/politics/iranians-hacking-scheme-irgc.html

[12] Shalal-Esa, A. (2013, January 18). Iran strengthened cyber capabilities after Stuxnet: U.S. general. Retrieved April 16, 2018, from https://www.reuters.com/article/us-iran-usa-cyber/iran-strengthened-cyber-capabilities-after-stuxnet-u-s-general-idUSBRE90G1C420130118

[13] Benner, K., & Perlroth, N. (2018, March 23). U.S. Charges 9 Iranians in Huge Theft of Intellectual Property. Retrieved April 16, 2018, from https://www.nytimes.com/2018/03/23/us/politics/iranians-hacking-scheme-irgc.html

[14] BBC. (2017, October 14). Iran blamed for Parliament cyber-attack. Retrieved April 16, 2018, from http://www.bbc.com/news/uk-41622903

[15] Reuters Staff. (2018, April 08). Iran hit by global cyber attack that left U.S. flag on screens. Retrieved April 16, 2018, from https://www.reuters.com/article/us-iran-cyber-hackers/iran-hit-by-global-cyber-attack-that-left-u-s-flag-on-screens-idUSKBN1HE0MH

[16] BBC. (2017, October 14). Iran nuclear deal: Global powers stand by pact despite Trump threat. Retrieved April 16, 2018, from http://www.bbc.com/news/world-41618165

[17] Reuters Staff. (2018, April 09). Iran tells Trump he would regret dropping nuclear deal. Retrieved April 16, 2018, from https://www.reuters.com/article/us-iran-nuclear-rouhani/iran-tells-trump-he-would-regret-dropping-nuclear-deal-idUSKBN1HG0U7

[18] AFP. (2018, March 25). US hostility means Iran must boost China, Russia ties: Official. Retrieved April 16, 2018, from http://www.arabnews.com/node/1273141/middle-east