Iran Pursues Stronger, More Restrictive Cyber Strategies

In the past month, the Iranian government has called for white-hat hackers to help track down online criminals, established a cyber partnership with North Korea, and gave details of its planned National Information Network.

Following attacks on its critical infrastructure and businesses, Iran's government has kicked off a number of initiatives aimed at strengthening its digital defenses and its ability to operate online.

On Sept. 23, the Iranian government announced it had implemented the first step toward creating its National Information Network by connecting all government agencies to the secure network. The next phase will be to require citizens to use the national network, reportedly by March 2013. The country has already started using the national network to block access to Google.

The move follows other initiatives to bolster the nation's online defenses and capabilities. In early September, for example, the head of Iran's Cyber and Information Exchange Police (FETA) called for white-hat hackers to aid the government in catching criminals that operate online. The government has also reportedly required each agency to create a "cyber-rescue squad" to help defend them against attacks.

"Clearly the strategy will result in a more controlled, less open Internet—it definitely presents a threat to activists since a good portion of the strategy appears to target them directly," said Ronald Diebert, director of the Canada Centre for Global Security Studies and the Citizen Lab at the University of Toronto. "I would anticipate that we will see the use of offensive cyber-capabilities directed at foreign adversaries abroad in the wake of Stuxnet revelations."

The steps to bolster its power online follow attacks on Iran's nuclear processing capabilities by the Stuxnet computer virus and widespread targeting of Iranian businesses and government agencies by other online espionage attacks, such as Duqu and Flame. All three attacks were carried out by the United States and Israel, according to reports.

The recent events have convinced the nation that cyber-attacks and online activism are a more real—and certainly, present—danger than kinetic war, Abdollah Araqi, deputy commander of ground forces in the Islamic Revolutionary Guard Corps (IRGC), told the Iranian Students’ News Agency (ISNA) according to a Reuters report Sept. 25.

“We have armed ourselves with new tools, because a cyber-war is more dangerous than a physical war,” he said.

Many have voiced concerns that the country will use the national network to censor its citizens. Already the nation has blocked traffic to and from Google, citing the posting of an anti-Islamist film to YouTube. The Iranian government has also partnered with North Korea to exchange information and technical knowledge about cyber-attacks targeting the two nations.

However, it's unlikely that the Iran government plans to exercise a level of control similar to North Korea's regime, said the University of Toronto's Diebert. Cutting itself off from the Internet completely will have too great an impact on its population, he said.

"The Iranian regime wants to capitalize on Internet access, primarily for economic reasons, while controlling its negative side effects," Diebert said. "In this regard, it's probably best likened to China's control strategy."

The University of Toronto and the Munk School of Global Affairs noted the various Iranian initiatives in the Middle East and North Africa CyberWatch report released Sept. 24.

Robert Lemos

Robert Lemos

Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's...