Hackers, bloggers 'bunged cash to spin for Iran 2.0'

Put in a good tweet for us, says Revolutionary Guard

CyCon 2012 The Iranian government is investing heavily in hacking expertise and online propaganda in order to promote its way of life under the country's post-Islamic Revolution regime - as well as using its new resources to tighten up control and surveillance of its citizens.

This is according to Jeff Bardin, chief intelligence officer at Treadstone 71, a US-based intelligence analysis firm. He told delegates to the International Conference on Cyber Conflict (CyCon) in Tallinn, Estonia that intelligence divisions within the Iranian military are working together with former members of hacking groups to fight "Western cultural influences" and online dissidents as well as promoting Iranian foreign policy objectives.

Key groups in the move include the Islamic Revolutionary Guard Corps (IRGC), the paramilitary Basij militia and the hacker group Ashiyane, according to Bardin. Ashiyane, which maintains an active forum, denies any affiliation with the IRGC or the Iranian government. But Bardin claimed that, contrary to its denials, Ashiyane actually offers training courses in IT security to Iranian government organisations as a preferred supplier.

Bardin said he believes the core members of Ashiyane were drawn from a hacker group that cut its teeth defacing Western websites and running more elaborate hacks as the so-called Iranian Cyber Army.

The Iranian Cyber Army hijacked Twitter's DNS records in late 2009, pointing the domain at a defaced page, and used much the same technique weeks later to redirect surfers to a defaced version of the home page of Chinese search engine Baidu.

Ashiyane appears to have expertise in running DDoS attacks to knock websites offline, web page defacement, infiltration and credit card theft, says Bardin.

The IRGC is an overarching organisation whose role in Iranian society has expanded beyond its origins as a type of national guard to become a huge business empire and linchpin of President Mahmoud Ahmadinejad's administration.

Shortly after playing a key role in suppressing dissent following the disputed presidential election of June 2009, the IRGC, by way of a company it is tied to, acquired a majority stake, worth around $8bn, in the Telecommunication Company of Iran. By controlling the telecoms infrastructure, the IRGC can now apply even heavier censorship and surveillance controls on Iranian web access.

The Revolutionary Guard was established in 1979 to suppress counter-revolutionary forces, but it has come to resemble what it was created to eliminate: the Shah's Imperial Guard. Bardin described the organisation as employing a "communist-style model" featuring regular "purges" and constant jockeying for position and favour, a process often affected by external events.

"The IRGC didn't foresee the power of social networking" in the run-up to the 2009 Iranian presidential elections but is now pushing heavily to promote a Web 2.0 version of its brand of Islam.

Bardin said that the IRGC is paying online activists and bloggers to promote the Islamic Republic in forums, Facebook pages and elsewhere online, an assessment shared by Israeli intelligence analysts, who reckon these cyber workers are paid $4.30 (£2.70) an hour, higher than the average Iranian wage.

Iran is seeking to promote its version of Islamic Revolution to the Shia populations of neighbouring Gulf states, such as Bahrain, as well as influencing political groups in Syria, Lebanon and Palestine, including Hezbollah and Hamas.

The IRGC is very capable and the West shouldn't "underestimate its adversary," Bardin concluded.

Other IRGC operations may have included planting a back door in a Trojanised version of the Simurgh privacy tool in order to spy on Iranian surfers, and the infamous DigiNotar and Comodo digital certificate hacks, Bardin suggested.

Bardin's well-attended talk limited itself to Iran's information warfare and propaganda capabilities and deliberately skirted any reference to the infamous Stuxnet worm or the recently uncovered Flame worm, aside from a brief reference to Iran's development of a home-grown anti-virus capability. Bardin said he didn't want to discuss (presumed) US or Western capabilities in cyber-espionage. ®
