Forget China: Iran's hackers are America's newest cyber threat
WASHINGTON — In March 2012, Ayatollah Ali Khamenei, the Supreme Leader of Iran, publicly announced the creation of a new Supreme Council of Cyberspace to oversee the defense of the Islamic republic's computer networks and develop new ways of infiltrating or attacking the computer networks of its enemies. Less than two years later, security experts and U.S. intelligence officials are alarmed by how quickly Iran has managed to develop its cyber warfare capabilities — and by how much it's willing to use them.
For several years, Iran was believed to possess the ambition to launch disruptive attacks on Western, Israeli or Arab computer networks, but not necessarily the technological capability of actually doing so. Those doubts have largely evaporated.
U.S. intelligence officials believe that in late 2012 hackers in Iran launched a series of debilitating assaults on the websites of major U.S. banks. The hackers used a well-honed technique called a denial of service attack, in which massive amounts of traffic are directed at a site's servers until they crash. But the traffic flow in the bank attack was orders of magnitude greater than anything U.S. security officials had seen up to that point, indicating a remarkable degree of technical sophistication.
U.S. officials say that last year Iranian hackers infiltrated a large unclassified computer network used by the Navy and Marine Corps. Officials now say it took the Navy four months to fully clear its systems and recover from the breach, which was first reported by the Wall Street Journal.
"Iran should be considered a first-tier cyber power," Gabi Siboni, a cybersecurity expert with Israel's Institute for National Security Studies, said during a speech in Washington last December.
Western analysts see Iran's embrace of cyberattacks as a strategic attempt to counter the conventional military forces of the United States and Iran's regional rivals, particularly Saudi Arabia. Some analysts have blamed Iran for an attack on the computers of Saudi Aramco, the national energy company that supplies about 10 percent of the world's oil. The attack erased data from 30,000 computers, but it didn't affect oil and gas production and distribution facilities.
Analysts debate whether Iran should yet be included in the same league as the United States, Israel or China, which each possess extensive capabilities to launch attacks on computer networks and the critical infrastructure connected to them, including electrical power facilities. But U.S. intelligence agencies now judge that Iran is well on the path to becoming a formidable cyberforce.
James Clapper, the U.S. director of national intelligence, recently warned that Iran's "development of cyber espionage or attack capabilities might be used in an attempt to either provoke or destabilize the United States or its partners."
The heart of Iran's national cyber efforts is the cyberspace council set up in 2012. It's chaired by the Iranian president, Hasan Rouhani, and its members include senior government officials, including the head of Iran's elite Revolutionary Guard, which controls military units believed to conduct offensive cyberoperations and electronic warfare, such as jamming communications systems.
Iran was motivated to ramp up its cyber-security efforts, particularly the defense of its internal networks and vital infrastructure facilities, after a cyberattack on an Iranian nuclear facility by the United States and Israel that disabled 1,000 centrifuges used to enrich uranium, a key component of a nuclear weapon.
Iran's defensive capabilities today are devoted to preventing another such attack, as well as monitoring and suppressing domestic political opponents who threaten the regime, Siboni wrote in a recent analysis of Iran's capabilities.
The Revolutionary Guard now owns and controls the biggest communications company in Iran, Siboni said. The government restricts access to the public Internet and monitors computers in Internet cafes. A domestic police force, known as FETA, is charged with monitoring online activity and speech, as well as combating fraud and theft.
But it's the offensive side of the ledger that worries U.S. officials the most. In the past week, Iranian leaders have threatened to use cyber warfare against Tehran's enemies.
"One of the options on the table of the U.S. and its allies is a cyberwar against Iran. But we are fully prepared to fight cyberwarfare," said Gen. Mohammad Aqakishi, the commander of the information technology and communication department of the armed forces' general staff, according to Iran's Tasnim news agency.