Published March 14, 2011
Iran is gearing up for a cyberwar campaign after being hit with coordinated, sophisticated cyberattacks last year that reportedly crippled its Natanz nuclear enrichment facility.
The Islamic Republic plans “to fight our enemies with abundant power in cyberspace and Internet warfare,” according to Brigadier Gen. Gholamreza Jalali, who leads the country’s Passive Defense Organization.
Part of the plan involves actively recruiting hackers, who will likely earn top toman (Iranian currency) for their work.
“When it comes to projects that are important to them, they have money,” said author Meir Javedanfar, author of The Nuclear Sphinx: Mahmoud Ahmadinejad and the State of Iran.
And there may be a rich talent pool for recruiting: Millions of Iran’s youth are blogging and using social networking sites, slipping around government censors. And some believe it wouldn’t take much to turn some of those computer-savvy youth into hackers.
“There are many true believers in Iran who are highly educated and very savvy with computers,” said Reza Kahlili, a former member of Iran’s Revolutionary Guard.
“Computer experts working on piecemeal projects wouldn’t even necessarily know they were working on a government cyberattack plan, according to Mohsen Sazegara, another former member of the Iranian Revolutionary Guard, who now lives in the Washington, D.C., area. “It’s a process. They write complicated programs and divide and subdivide the work in such a way that even a highly qualified person might not know the end results. So they (the regime) can recruit many people who would not know that the end result of their work might be a computer worm.”
Sazegara said he has heard the regime pays up to the equivalent of $10,000 per month for computer experts. That’s small change for a government compared to the cost of waging military warfare.
“Cyberwarfare is cheap, effective and doesn’t necessarily cause fatalities. It makes much more sense for not-so-wealthy nation states to build up cyber warfare capability rather than investing in missiles and warships,” said Kahlili.
There is at least one cyberwar group already active -- going by the name Iran's Cyber Army -- that has claimed credit for attacks against the sites of some opposition groups.
Sazegara told Fox News his website has been attacked by the Cyber Army, which he said also targeted the Voice of America. It’s not clear who is behind the group, if it is being actively supported by the government or if its hacker are even working from inside Iran.
The question for many is if Iran will be able to take its cyber-meddling further, and create its own version of the Stuxnet computer worm that infected its computers last year.
Mark Fitzpatrick, senior fellow for non-proliferation at the London-based International Institute for Strategic Studies, tells Fox, “I don’t know much about Iranian cyberwarfare capabilities, but I do know that the North Koreans are cyber-savvy.
To the extent that fellow rogue states share notes on asymmetric capabilities—and we know for sure that they do in the missile realm—it stands to reason that the Iranians would also be interested in exploiting Western vulnerabilities in the cyber field, and be capable of reprogramming Stuxnet to turn the tables.”
Stuxnet was widely believed to have devastated Iran’s nuclear program. “We estimate that Stuxnet caused a delay of the Iranian program of up to two years,” said German cyber-expert Ralph Langner.
"This is significant because an air strike would probably not have a bigger effect. We should consider that it is presently impossible to completely stop the Iranian nuclear program and that all efforts aim at a delay.”
David Albright, president of the Institute for Science and International Security, agreed Iran would be able to acquire the capability to wage cyberwarfare. But, he said, “Stuxnet required a lot of serious insider knowledge of Natanz.” He said he doubted whether Iran would have the ability to gather such intelligence on American installations. Albright said he believes the U.S. would consider a cyberattack from Iran to be an act of war, and would respond much more forcefully and aggressively than Iran did to Stuxnet.
No one knows for sure where Stuxnet actually originated — though Israel and the United States are believed by many to be the source of the attacks.
Western experts warned that, over the long term, little could be done to prevent Iran from waging cyberwar. “The worst news about cyber-warfare is that the proliferation of cyber weapons cannot be controlled,” said Langner.
“We will see a learning curve in the same way we saw it with conventional malware. Sooner or later, sophisticated cyber weapons will not only be in the hands of intelligence services and military units, but also in the hands of terrorists and organized crime. There is no way this can be prevented.”