Time to confront the Iranian regime’s cyber army
Along with Iran’s military adventurism, the regime’s cyberattacks have become an increasing threat to the stability and security not only of the region, but also of the world.
The US Department of Justice last week filed criminal charges against two Iranians over a cyber-based campaign seeking to influence the outcome of the 2020 presidential election. According to the department, Seyyed Mohammad Hossein Musa Kazemi, 24, and Sajjad Kashian, 27, gained access to confidential US voter files and then “sent threatening email messages to intimidate voters.”
The two men are also said to have created and disseminated a disinformation video on purported election infrastructure vulnerabilities and gained access to a US media company’s computer network, which would have allowed them to make false election claims had the FBI and the network failed to act.
It is important to point out that this is not an isolated development. The Iranian regime has a history of launching cyberattacks against foreign countries and organizations that it views as rivals. For example, several intelligence agencies and officials in 2017 revealed that a group of Iranian hackers, known as “Cadelle and Chafer,” carried out damaging cyberattacks against Saudi Arabia.
At the time, the Saudi government also warned telecommunications firms that a malicious Iranian software program called “Shamoon” had been involved in attacks against at least 15 governmental and nongovernmental networks in the Kingdom.
The Tehran regime was also behind a 2012 cyberattack against Saudi Aramco that disabled 30,000 of the oil giant’s computers — more than three-quarters of its total. The strike against Aramco is still viewed as one of the most damaging and costly cyberattacks committed by state-backed hackers. Meanwhile, in 2017, a private cybersecurity firm identified an Iranian group as being behind attacks on US and South Korean aviation and energy companies, while British intelligence concluded that Iran had targeted the email accounts of dozens of MPs.
Furthermore, two hackers based in Iran were accused of carrying out a series of cyberattacks on US targets in November 2018, which included crippling the city of Atlanta’s government by targeting hospitals, schools and state agencies. Data from these major institutions was held in exchange for ransom payments. Brian Benczkowski, former head of the Justice Department’s criminal division, said that the two individuals “deliberately engaged in an extreme form of 21st-century digital blackmail, attacking and extorting vulnerable victims such as hospitals and schools — victims they knew would be willing and able to pay.”
The Iranian regime also uses its cyber program to silence domestic opposition and spy on Iranians living abroad, particularly those who are influential in forming foreign policy and criticizing the regime.
Sanctioning individuals who are behind these cyberattacks is a step in the right direction, but is far from adequate. The US and other powers must target and sanction top Iranian organizations and politicians in charge of the regime’s cyber program and its financing.
The leading institution is the Islamic Revolutionary Guard Corps. The Israeli-based Institute for National Security Studies has said: “The IRGC clearly makes the country one of the best and most advanced nations when it comes to cyberwarfare. In a case of escalation between Iran and the West, Iran will likely aim to launch a cyberattack against critical infrastructures in the US and its allies, (targeting) energy infrastructure, financial institutions and transportation systems.”
Iranian Supreme Leader Ali Khamenei also plays a crucial role and, in fact, ordered the establishment of the Supreme Council on Cyberspace in order to develop cyber policies. This council has become a key pillar of the IRGC and Iran’s foreign and domestic strategy. The council also directly reports to the supreme leader, while the regime is investing significantly in advancing its cyber program.
Iran’s cyber program was most likely designed to be offensive and proactive. The regime views it as an effective and cost-efficient means of inflicting damage on rivals.
In a nutshell, at a time of heightened tension, the US and regional powers must be prepared to counter the Iranian regime’s cyberattacks. Appropriate measures must be taken, including the sanctioning of leading figures and institutions in charge of the regime’s cyber program — the IRGC, the Supreme Council on Cyberspace, and the supreme leader.
- Dr. Majid Rafizadeh is a Harvard-educated Iranian-American political scientist. Twitter: @Dr_Rafizadeh