Iranian cyber terrorism represents a threat to world security, as Tehran uses its cyber tools for espionage and sabotage in various countries and has developed its offensive capabilities in this field, in violation of international standards and threatening to international stability.
US State Department spokeswoman Morgan Ortagus said in a tweet that Iran has increasingly spread malicious behavior in cyberspace against a variety of entities based in the United States.
Ortagus clarified on Saturday, September 26, that Tehran even reached the point of spreading its malice against financial companies, universities and the vital energy infrastructure on US soil.
Subversive Revolutionary Guard
The Iranian Revolutionary Guard Corps (IRGC) is often the main force behind such cyber operations. It recruits hackers from outside the government to carry out these operations and usually focuses on “soft” targets, such as the most vulnerable commercial entities, vital infrastructure, and non-governmental organizations.
Iranian cyber operations have also focused largely on Saudi Arabia and other Gulf countries. In 2012, the Iranian regime launched an attack on tens of thousands of computers used by Saudi Aramco. This led to unemployment and hundreds of millions of dollars in losses.
The attack was repeated again in 2016 and 2017, which led to the destruction of public databases, including those of the Saudi General Authority of Civil Aviation (GACA) and the central bank.
The Iranian regime has a long history of targeting the cyber sphere in the United States. In 2016, the Counterintelligence and Export Control Section (CES) of the National Security Division (NSD) revealed that between late 2011 and mid-2013, entities linked to the IRGC carried out coordinated attacks to disrupt the services of the American financial sector. This resulted in the temporary disruption of banks’ websites, preventing customers from accessing their accounts online, and costing banks millions of dollars in losses.
Despite the Iranian regime’s efforts to conceal its role in these incidents, the US government has accused many Iranians and groups linked to the IRGC of committing these crimes, according to a US State Department report. In addition, in 2017, the US Treasury Department listed several Iranians on the terrorist list for their participation in malicious online activity. The decision confirmed that they were working for private computer security companies affiliated with the IRGC.
In 2018, the US Attorney General’s Office for the Southern District of New York revealed an indictment of nine individuals linked to the Iranian Mabna Institute, accused of conducting a massive, coordinated cyber attack between 2013-2017 on behalf of the IRGC. They targeted about 144 universities based in the United States and at least 176 other universities located in 21 other countries.
Hackers have also successfully penetrated the computer systems of US federal agencies, the United Nations, the United Nations Children’s Fund (UNICEF), and many American and foreign private sector companies.
The indictment stated that the Mabna Institute stole more than 31 terabytes of documents and data, in addition to intellectual property and the contents of e-mails. This prompted the US Treasury Department to place the institute and the individuals associated with it on the terrorist list.