Hackers, bloggers 'bunged cash to spin for Iran 2.0'

Put in a good tweet for us, says Revolutionary Guard

CyCon 2012 The Iranian government is investing heavily in hacking expertise and online propaganda in order to promote its way of life under the country's post-Islamic Revolution regime - as well as using its new resources to tighten up control and surveillance of its citizens.

This is according to Jeff Bardin, chief intelligence officer at Treadstone 71, a US-based intelligence analysis firm. He told delegates to the International Conference on Cyber Conflict (CyCon) in Tallinn, Estonia that intelligence divisions within the Iranian military are working together with former members of hacking groups to fight "Western cultural influences" and online dissidents as well as promoting Iranian foreign policy objectives.

Key groups in the move include the Islamic Revolutionary Guard Corps (IRGC), the paramilitary Basij militia and the hacker group Ashiyane, according to Bardin. Ashiyane, which maintains an active forum, denies any affiliation with the IRGC or the Iranian government. But Bardin claimed that, contrary to its denials, Ashiyane actually offers training courses in IT security to Iranian government organisations as a preferred supplier.

Bardin said he believes the core members of Ashiyane were drawn from a hacker group that cut its teeth defacing Western websites and running more elaborate hacks as the so-called Iranian Cyber Army.

The Iranian Cyber Army used a DNS attack to hijack Twitter in 2010 before using much the same techniques to redirect surfers towards a defaced version of the home page of Chinese search engine Baidu weeks later.

Ashiyane appears to have expertise in running DDoS attacks to knock websites offline, web page defacement, infiltration and credit card theft, says Bardin.

The IRGC is an overarching organisation whose role in Iranian society has expanded beyond its origins as a type of national guard to become a huge business empire and lynchpin of President Mahmoud Ahmadinejad's administration.

Shortly after playing a key role in suppressing dissent following the disputed presidential election of June 2009, the IRGC, by way of a company it is tied to, acquired a majority $8bn stake in the Iran Telecommunications Company. By controlling the telecoms infrastructure, the IRGC can now apply even heavier censorship controls on Iranian web access.

The Revolutionary Guard was established in 1979 to suppress counter-revolutionary forces but it has become similar to what it was created to eliminate: the Shah's Imperial Guards. Bardin described the organisation as employing a "communist-style model" featuring regular "purges" and constant jockeying for position and favour, a process often affected by external events.

"The IRGC didn't foresee the power of social networking" in the run-up to the 2009 Iranian presidential elections but is now pushing heavily to promote a Web 2.0 version of its brand of Islam.

Bardin said that the IRGC is paying online activists and bloggers to promote the Islamic Republic in forums, Facebook pages and elsewhere online, an assessment shared by Israeli intelligence analysts - but they reckon cyber workers are paid $4.30 (£2.70) an hour, which is higher than the average wage.

Iran is seeking to promote its version of Islamic Revolution to the Shia populations of neighbouring Gulf states, such as Bahrain, as well as influencing political groups in Syria, Lebanon and Palestine – including Hezbollah and Hamas.

IRGC is very capable and the West shouldn't "underestimate its adversary," Bardin concluded.

Other IRGC operations may have included planting a back door in a Trojanised version of the Simurgh privacy tool to spy on Iranian surfers and the infamous DigiNotar and Comodo digital certificate hacks, Bardin suggested.

Bardin's well-attended talk limited itself to Iran's information warfare and propaganda capabilities and deliberately skirted any reference to the infamous Stuxnet worm or the recently uncovered Flame worm, aside from a brief reference to Iran's development of a home-grown anti-virus capability. Bardin said he didn't want to discuss (presumed) US or Western capabilities in cyber-espionage. ®
