
1 1 (January 13, 2020)



January 13, 2020


Iranian Offensive Cyberattack Capabilities


Iran's use of cyberspace has evolved from an internal
means of information control and repression to more
aggressive attacks on foreign targets. The regime has been
developing its own cybersecurity software and internet
architecture in order to protect and insulate its networks,
and it has been developing technological cyber expertise as
a form of asymmetric warfare against a superior
conventional U.S. military.

Iran also has a history of using cyberattacks in retaliation
against the United States. In 2010, a computer worm known
as Stuxnet was discovered by cybersecurity researchers to
have infiltrated the computers that controlled nuclear
centrifuges in Iran, causing physical damage and preventing
operation. The Stuxnet worm was reported to have been a
joint effort between the governments of the United States
and Israel. Following the discovery of the Stuxnet malware,
U.S. assets experienced an increase in the severity and
duration of cyberattacks originating in Iran.

Recent events have heightened interest in Iran's current
cyberattack capability with respect to U.S. vulnerabilities.


Since the advent of the Stuxnet worm, Iran has been
investing resources in developing its own cyber forces and
organizations. Some of these entities reside within the
government and military, while others appear to operate
more independently. Some focus more on defensive
capabilities but may operate in concert with military units
conducting offensive operations. The information below
draws from unclassified sources.


Iran Cyber Police. A law enforcement unit, the Cyber
Police is responsible for tackling what it considers internet
crimes. To this end, the unit monitors online activity within
Iran, including infiltrating websites and email accounts of
political dissidents.

Ministry of Intelligence and Security (MOIS). Similar to
the U.S. National Security Agency, MOIS is responsible for
signals intelligence and collecting information from
electronic communications.

Supreme Council of Cyberspace. Also known as the High
Council of Cyberspace, this body coordinates cyberspace
policy for the Iranian government and coordinates between
offensive and defensive cyber operations.

National Cyberspace Center (NCC). An entity of the
Supreme Council of Cyberspace, the NCC is largely
concerned with information content and development of
internal internet security controls. The NCC is also tasked
with preparing for a cultural war between Iran and its
enemies, according to the 2013 NCC Statute issued by Iran.

Islamic Revolutionary Guard Corps (IRGC). A branch
of the Iranian Armed Forces, this military force oversees
offensive cyber activities.

IRGC Electronic Warfare and Cyber Defence
Organization. This organization provides training courses
in cyber defenses and denies access to and censors online
content and communications.

Basij Cyber Council. Considered a paramilitary force,
Basij comprises nonprofessionals, using volunteer hackers
under IRGC specialist supervision. These volunteers are
sometimes referred to as cyber war commandos.

National Passive Defense Organization (NPDO). Formed
for infrastructure protection, one of the NPDO's main roles
according to analysts is to use all national cyber and
non-cyber resources to deter, prevent, deny, identify, and
effectively counter any cyberattack against ... Iran's
national infrastructure by either hostile foreign states or
[domestic] groups supported by them.

Cyber Defence Command. Also known as Cyber
Headquarters in the Iranian military, this group conducts
offensive cyber operations along with the Basij Cyber
Council. The command may have been created as a
corollary to the U.S. Cyber Command.


Iran has been known to employ proxies to conduct cyber
operations. These range from either patriotic or financially
motivated individual hackers, to private sector contractors
and quasi-governmental organizations. Given the amount of
control that the Iranian regime exercises over the internet
activity of its citizenry, one may assume that while the
actions of individuals may not be state-directed, they are
almost certainly state-tolerated or even encouraged. The use of
proxies also allows the regime to maintain plausible
deniability for the attacks, thereby avoiding escalation.
However, readily identifiable signatures in the computer
code suggest that the Iranian government endeavors to take
the credit for attacks on foreign entities as a demonstration
of ability.

Mabna Institute. A group of private sector contractors that
conduct computer intrusion, wire fraud, and data theft at the
behest of the government of the Islamic Republic of Iran
and the IRGC.

