IRAM experts have published a report by examining the multidimensional cyber activities of Iran from the process of establishing its cyber infrastructure to the present day.
In the “Iran’s cyber power” report, it was stated that Iran, which carried out activities within the scope of cyber defense and control of the internet until 2010, increased its cyber attack capabilities especially after being exposed to cyber attacks by the USA and Israel.
Stuxnet Operation milestone
The report pointed out that Operation Stuxnet, which targeted uranium enrichment centrifuges at the Natanz Nuclear Plant in November 2010, was a milestone for Iran’s cyber infrastructure and information technologies.
After this date, it was stated that Tehran started to evaluate its cyber attack capacity in order to increase its regional and international influence, and it gave great importance to cyber studies, which it saw as a deterrent for external threats and a suppressor for internal threats.
Foreign companies abandon cooperation as a result of US sanctions
The report also stated that many of the foreign companies contributing to the development of Iran’s internet infrastructure have stopped cooperating with the Tehran administration again due to US sanctions. Thereupon, it was noted that Iran tried to close its deficit through local companies.
It was reminded that the agreement with local companies and the attitude towards strengthening the internet infrastructure mostly by the state caused discussions in Iran, such as China and Russia, that the internet infrastructure is structured in a way that facilitates government intervention.
The aim is to reduce the influence of the international network
In the report, it was stated that behind Iran’s acceleration of its “domestic internet” activities, the international internet network was created by the intelligence services, and the belief that platforms such as Google and WhatsApp are used for spying activities.
It was stated that the cyber policies of the Tehran administration were clearly shaped within the scope of “cyber espionage operations” after Iran was frequently perceived as a cyber threat by Israel and the USA. It was emphasized that advanced cyber actors and various Iranian hacker groups, supported by the Revolutionary Guards Army and various government agencies and institutes affiliated with the Ministry of Intelligence, are the main actors of cyber attacks thought to be of Iranian origin.
In addition, it was stated that state-sponsored institutions are training hacker cadres, while it was noted that Iran increased cyber attacks especially after the US sanctions.
Attacks concentrated on the USA, Israel and Saudi Arabia
According to the report, Iran’s cyberattacks have focused especially on the US, Israel and another rival in the region, Saudi Arabia. Dozens of critical government agencies, private companies and non-state organizations in these countries have been exposed to attacks by Iranian-backed hacker groups repeatedly.
Aside from these, Turkey, United Arab Emirates (UAE), England, Germany, France and Pakistan in more than 40 countries and its affiliated organizations, including the Iran-based exposure was transferred to cyber attacks. In the report, Turkey is an important part of Iranian origin also stated that targeted cyber operations, said exposure to operations in Turkey “specific objectives” was defined as.
The report also noted that Iran, thanks to its offensive cyber capacity, which it has acquired since 2010, has intensified its activities in the country, especially towards opposition persons and groups.