How Iran built such a formidable cyberwar machine |
How Iran built such a formidable cyberwar machine
Even as bombs fall across the Middle East, Iranian-linked hackers are launching digital attacks across the region. Decades of investment made that possible.
[Images: agrus/Adobe Stock; Hairem/Adobe Stock]
BY Chris Stokel-Walker
Bombs are falling across the Middle East as the United States and Israel try to bring Iran to heel. But while physical infrastructure is toppling in Iran, the country’s digital armies are still fighting with force.
Groups linked to the Iranian regime have hit Jordanian gas firms, as well as businesses in the UAE and Qatar, as part of its Great Epic cyber offensive. Countries including the UK, whose military base in Cyprus has been hit by Iran-linked missiles, have begun warning businesses to prepare for possible Iranian cyberattacks.
That raises a bigger question: How did Iran become such a formidable force in cyberwarfare, and to what end?
A cyber shock to the system
Iran’s cyber prowess today stems in part from an earlier attempt to cripple its capabilities. In 2010, the United States and Israel reportedly launched the Stuxnet virus against Iran’s Natanz nuclear facility, destroying centrifuges and setting back the country’s nuclear program. (Both countries have denied involvement in the attack.) The attack was widely seen as the first true cyberweapon used against real-world infrastructure—and a wake-up call to Iran about the destructive potential of digital warfare. The intervention, unprecedented at the time, was designed to delay or halt Iran’s nuclear ambitions.
It may well have succeeded in that. But it also pushed Iran to focus on another form of combat: cyberspace, inspired by the way it had been attacked. “Being on the receiving end of what was the world’s first true cyber weapon showed Iran exactly what was possible then and in the future,” says Jake Moore, global cybersecurity advisor at ESET, a cybersecurity firm.
In response, Iran moved aggressively to build its cyber capabilities. The country established governance and coordination structures—including the Supreme Council of Cyberspace in 2012—to advance its goals, while also sponsoring advanced persistent threat (APT) groups through the Islamic Revolutionary Guard Corps and the Ministry of Intelligence. Iran’s cybersecurity budget increased by 1,200% between 2012 and 2015, according to contemporaneous reports.
A glut of technical talent
Iran has also benefited from a strong base of technical talent, some of which has been directed toward offensive cyber operations. “Iran is one of the top countries for producing software and computer engineers,” says Mo Hoseini, head of resilience at ARTICLE 19, a human rights organization focused on digital rights.
Claire's went from tween mall icon to bankrupt — twice?