The oppressive Islamic Republic regime has turned Iran into a large prison for people by denying them their basic human rights such as freedom of expression and association. Within this general prison are specific locations such as the notorious Evin prison that the regime locks up political activists that mostly have peacefully demanded their democratic rights such as free media and fair elections. Most of these people are kept for months without being charged or tried. Some are kidnapped in the middle of night without informing their family or lawyer. Most are denied visitation rights. The slightest protest lands them in solitary confinement. Even after “judges” rule that they must be freed, some are kept for indefinite amount of time.
It is in protest against such mistreatment and demand for improving their prison conditions that 17 political prisoners in Evin who are kept in solitary confinement have gone on hunger strike since July 26, 2010. Their families outside the prison have joined them and gone on hunger strike after being denied visitation rights. Three of these prisoners are on “dry” hunger strike and a number of independent medical authorities have warned that most of strikers are in frail physical conditions, some life threatening.
The Solidarity Committee for Advancement of Democracy in Iran (SCADI-NY) is calling for a two-day symbolic hunger strike in front of the United Nations building in Manhattan from Thursday August 12th at 10 AM to support Evin strikers’ demands. Please spread the word and plan to join us for as long as you can afford.
What follows is an article I was asked to translate. Midway through the translation, it occurred to me that it was marred by unsubstantiated statements and exaggerations.
Thursday, 29 Bahman 1388 [February 18, 2010]
Report on the Operation of the Cyber Army in Hacking Websites
During the past few months, the activities of the Iranian Cyber Army have been noted by the Iranian and even the international media. The theory that these hacker groups are connected to the Iranian government was strengthened when, after several sites were hacked, they issued warnings to the Green Movement. The scope of the measures taken by the Cyber Army discredits the theory that a group of Ahmandinejad’s admirers spontaneously carried out such acts. These messages and the nature of the sites chosen for attack indicate that there are hidden hands which support the Cyber Army.
A review of the political messages published by this group in recent months and the official statements of a government administrator of Iran’s aviation industry in defense of the Cyber Army provide a reason for a closer examination of Iran’s Cyber Army, research about which had heretofore claimed was composed of Russian hackers whose base was outside of Iran. But what is the Iranian Cyber Army and where is it based? Before considering these details, a few preliminaries are necessary.
Attack on Twitter
On the morning of Friday, 28 Azar 1388 [December 19, 2009], connection with the website Twitter was cut in some parts of the world and those who tried to access it were transferred to a message in English which read:
U.S.A. Think They Controlling And Managing Internet By Their Access, But THey Don’t, We Control And Manage Internet By Our Power, So Do Not Try To Stimulation Iranian Peoples To….
NOW WHICH COUNTRY IN EMBARGO LIST? IRAN? USA?
WE PUSH THEM IN EMBARGO LIST
Take Care.
Attack on Baidu
On the morning of Tuesday, 22 Dey 1388 [January 12, 2010], the website Baidu, the largest Chinese search engine, washacked. In a message on it, it was written: “The Iranian Cyber army has been launched in protest against intervention by foreign and Zionist sites in our country’s domestic affairs and the spreading of lying and divisive news.”
On 10 Bahman 1388 [January 30, 2010], The Iranian Cyber Army hacked the website of RadioZamaneh, changing its front page to a picture of the Islamic Republic of Iran’s flag and the slogans “Ya Hosein (aleihum salam)” and “Persian Gulf”, under which it was written,
If the Leader commands, we attack
If he asks, we sacrifice ourselves
If he wants us to be patient and steadfast
We will sit down and take it in stride.
On 23 Bahman 1388 [February 12, 2010], those who tried to access the site of Jaras News, which publishes news of the Green Movement, were faced with this message from the Iranian Cyber Army on its front page:
Out of respect for the referendum which was held on 22 Bahman [February 11, 2010] and the people who voted and out of respect for the great nation and country named Iran … do not be a tool of those who live safe and sound in America and are using you as a tool.
A Prank on the Iranian Cyber Army
On 16 Bahman 1388 [February 5, 2010], the website Khodnevis, which is administered by NikahangKosar, wrote in the satirical column “False News”:
In an amazing and unprecedented step, the Iranian Cyber Army hacked the Mehrabad Airport portal so that those who try to access this site, namely airport workers, are directed to the Raja Rail Company when they type in its URL. It is said that the attack occurred in the early hours of the night and continued into Saturday, facing the airport with a serious crisis. The sudden occurrence of dozens of air accidents in the skies over Tehran as a result of the tower’s air traffic control communications systems’ failure was considered the most important danger which followed this attack, threatening the capital of Iran. Although experts believe that this attack was done by mistake and the technical difficulties were fixed an hour later, the Iranian Cyber Army, after hacking the Mehrabad portal, placed a flag of the Islamic Republic of Iran with a blue color [instead of the green color, which is the at the top of the tricolored flag], along with a message reading, “The Iranian Cyber Army warns all mercenaries who would sell-out their country that they will not be safe even in the skies.”
This satire, which was based on an altered version of part of the real message of the Iranian Cyber Army when it hacked Radio Zamaneh, was quickly reflected on Iranian news sites. A few hours later, the rumor spread of a mistaken attack by the Iranian Cyber Army on a government website became a means of ridiculing this group. Although a few hours later, these sites wiped this news from the various sites on which it had appeared, the rumor continued to spread, to the point that some large companies immediately signed multi-year contracts with internet security groups to strengthen the firewalls of their websites.
The Reaction of a Government Administrator
On 18 Bahman 1388 [February 7, 2010], only two days after this rumor spread, Morteza Dehqan, the acting manager of Tehran’s Mehrabad Airport, in the process of denying the attack on this airport’s site in the course of a discussion with a group of journalists, called it news blackmail, saying,
When foreign agents failed to achieve their filthy ends after the elections, they tried to concoct a conspiracy based on an attack on Tehran’s international airport in order to disrupt the country’s security atmosphere, while no such attack occurred on the airport’s website’s portal and this news is a pure lie from start to finish. It is clear that the counter-revolutionary media has discovered the Iranian Cyber Army’s power and, out of fear of its power, wishes to launch accusations through which it can divert public opinion.
Nikahang Kawsar, who had already stated on his site Khodnevis that this news was a rumor, now, after the publication of the interview with the acting administrator of Mehrabad Airport, wrote in part of his report about this event, “ … When Mehrabad Airport’s acting administrator denied the report about the attack on that airport’s website, he defended the Cyber Army’s record, and we realized that our fake news had done its job. An official officer of the Islamic Republic defended the Cyber Army in such a way that it seems that this group is led by the [Islamic Republican] system.”
On Iranian Hacker Groups
During the past eight years, many groups of hackers were formed in Iran of which the most famous are Ashianeh, Shabgard, and Simorgh. These groups freely attacked various websites by taking advantage of the lack of implementing the laws of punishment current in Iran, in order to win fame as well as out of rivalry with other groups.
Following the rise in reports about hijackings of Iranian government websites and the spread of news in this regard, intelligence agencies became interested in the power of hacking tools and began their widespread efforts to control and guide such attacks.
Security and intelligence organizations, inviting infiltration groups’ cooperation, got them to identify and counteract opponents in the internet and form intelligence groups to control the flow of their information. Some time later, these people also taught hacking techniques to military technicians.
The Formation of the Iranian Cyber Army
The group Ashiyaneh was one of the first to join the circle of government infiltrators and set about wrecking the sites of the Islamic Republic’s opponents with the cooperation of the best hackers. Reports of this group’s activities were published in government media, such as Voice and Vision, Keyhan, and IRNA and were noticed very soon.2
Teaching the Military to Hack
Alongside the hacker group activities, supposedly private companies were organized as well whose primary duty was to recruit infiltrating forces, instruct military forces in cyber attacks, and prepare the necessary resources for such attacks. These companies were charged with training infiltrators and carrying out hacking projects for the Iranian Cyber Army. In the meantime, these companies would import technology needed by Iran’s security forces from Dubai. Among the managers of these companies is the son of one of the senior security officers who, utilizing his father’s connections, has been busy for years working with the military and security forces.3 After the formation of a company through the military budget, he has been busy recruiting expert Iranian infiltrators and, having formed a professional and firm group, has begun to accept cyber control projects in Iran and infiltrators for the government.
How Group Members Are Chosen
The plan for the formation of an Iranian Cyber Army was raised in 1384 [2005] in the Revolutionary Guards, but with the increase in propaganda against the ninth government, its execution was sped up. A while later, a very broad group was formed, the number of whose members reached more greater than a few. The Cyber Army’s unit for recruiting human resources works as follows: After recognizing a professional hacker, it contacts him and threatens him that if he does not cooperate, he will be sent off to prison.
Relationships and information of individuals are so controlled that even most of the group members are not yet aware of their collaboration with the Cyber Army. Considering the use of geniuses, the scientific level of the Cyber Army is very high, and considering the high record of activities of the infiltrators in Iran the power of this army in achieving its goal is comparable to similar groups which operate in the American and Israeli intelligence agencies. It is worth saying that the Center for Struggle with Organized Cyber Crime (the Sepah’s cyber troops) is composed of the same people.
In Ordibehesht 1388 [May 2009], Fars news service reported that the foundation Defense Tech, which is an American military and security agency, called Iran one of the five countries with the most powerful cyber forces, based on figures received from the CIA. This foundation declared that the Iranian Cyber Army’s budget is 76 million dollars, emphasizing that it is monitored by a group from the Revolutionary Guard’s cyber supervision team.4
A Short Time to Execute Instructions
Iran’s Cyber Army has so far not been able to breach the servers of the websites it is after, but has contented itself with simply stealing their domains. This method indicates the temporal limitations of the group for executing its infiltration operations. In the past few months, they have carried out orders transmitted by their chief using methods which require less time. In their attack on Twitter, they hacked the computer of one of the members of this company with a Trojan horse and were able, by utilizing his email, to reset the domain of his control panel. This was similar to the attack of 1383 [2004] tried by one of the Iranian hacker groups on one of the NASA websites.5 In attacking Jaras and other websites, the Cyber Army uses the technique of DNS Cache Spoofing which changed the domain.
Footnotes
1 We have seen no reference to this. The Financial Timesreported on January 13, 2010, that Iranian State Television was hacked.
2 Fars news agency claimed that Ashianeh hacked 400 Israeli sites, including Defense Minister Barak and Mossad. (January 7, 10, 2009 via World News Connection via Operation Grey Goose Phase II Report, p. 12. This claim seems exaggerated in the extreme.
3 The vagueness of the article on this point–not naming the government official, for instance–makes this story difficult for me to believe.
4 This is an interesting example of how American alarmism feeds the regime’s self-aggrandizement which in turn feeds the opposition’s alarmism. In fact, the analysis printed in Defense Tech was one man’s opinion based on sources he refused to declare. It was immediately challenged by an Iranian observer. The exchange, which is highly instructive, can be found here. The article’s author does not explain how he obtained such detailed information from such a secretive group.
5 This doesn’t seem to be taken very seriously. An article published in Wired (February 10, 2010) about probes of hack attacks on NASA does not even mention it.
Other Sources
I came upon some useful sources on Iran’s hacking community, which the above article considers a full-fledged army. Here is a very sober assessment from an Islamic website which considerably deflates this image.
This blog's proprietor is Evan Siegel. He is a professor of mathematics. He has been a student of Iranian history, culture, and politics since the seventies. Click here to see his resume.
You are currently browsing the archives for the Uncategorized category.
