The Islamic Republic of Iran presents an “increasingly sophisticated” cyber espionage threat to the United States and its allies, according to the annual Worldwide Threat Assessment of the U.S. Intelligence Community.
Iran, the intelligence community’s report said, has built up its cyber offensive capabilities to such a degree that it enables the Islamic Republic to carry out “attacks against critical infrastructure in the United States and allied countries.”
The Islamic Republic developed its cyber technologies during the decade of international isolation leading up to the 2015 nuclear accord, known as the Joint Comprehensive Plan of Action (JCPOA). Today, the U.S. and Israel consider Iran, together with China and Russia, to be the source of the most aggressive and worrying attacks against their online and electronic infrastructures.
Experts say that “Iranian cyber actors are targeting U.S. government officials, government organizations, and companies to gain intelligence and position themselves for future cyber operations.”
The report also noted that the regime in Tehran “is capable of causing localized, temporary disruptive effects—such as disrupting a large company’s corporate networks for days to weeks—similar to its data deletion attacks against dozens of Saudi governmental and private-sector networks in late 2016 and early 2017.”
The increase in the number and sophistication of Iranian hacking attacks, according to Blake Darché, a founder of the U.S. cybersecurity firm Area 1 Security, reflects the Iranian regime’s role in encouraging these attacks. “Iran spends considerable time in the early kill chain, gathering valuable targeting information against their potential victims for their phishing campaigns,” Darché said in late 2017.
“Iran, which has used social media campaigns to target audiences in both the United States and allied nations with messages aligned with Iranian interests, will continue to use online influence operations to try to advance its interests,” the Senate report concluded.
In August 2018, social media giants Facebook and Twitter shut down hundreds of accounts, including many from Iran, for engaging in what Facebook called “coordinated inauthentic behavior” on the platforms.
The “inauthentic news” propagated by Iranian social media accounts promoted narratives including “anti-Saudi, anti-Israeli, and pro-Palestinian themes, as well as support for specific U.S. policies favorable to Iran, such as the U.S.-Iran nuclear deal (JCPOA).”
[Photo: Katy Levinson / Flickr ]