Iran expands cyber warfare forces, attacks critical Western infrastructure
Amid Iran's recent demonstration of its military capabilities including the test-firing of ballistic missiles, which have drawn harsh criticism in the West and resulted in economic sanctions, a group of cyber warfare experts under the direct command of Iran’s Revolutionary Guard Corps has significantly increased its operations in recent months.
The fingerprints of the hacker organization that calls itself “Rocket Kitten”, whose IP addresses lead directly to Iranian army command, were discovered again on Tuesday, this time within the computer control system of one of the most sensitive infrastructure facilities in Central Europe.
The advanced persistent threat attack collected information from the organization’s systems and sent it slowly and systematically to Tehran. American information security companies, including ones with R&D centers in Israel, recently succeeded in identifying the developers of the malware and released a number of worrying conclusions this week:
1. The hackers operated by the Iranian security forces and intelligence have been split up into different units, so they are compartmentalized and difficult to infiltrate on a daily basis.
2. The cyber warfare specialists are using unique tools developed in Iran that do not have an identifiable signature, making it very hard to locate viruses and other methods of infiltrating systems.
3. A large portion of the approximately 2,000 missions by the hackers targeted Saudi Arabia, the US and domestic targets within Iran, and only a small number were directed against Israel.
4. A large number of the missions were aimed at preparing for future attacks on major infrastructure targets such as power stations, dams, airports, seaports and factories processing dangerous materials.
5. Tehran has become an exporter of malware, including to Hizballah, Yemeni rebels and the Syrian army.
One of the information security companies called Iran “the new China” in light of the number of hackers, the scale of the resources invested in cyberattacks on Western infrastructure, and its reliance on universities and on young citizens skilled in the use of computer technologies and social networks.