The wave of protest washing across Iran from Dec. 28 exposed the astonishing fact that an estimated 48 million Iranians possess smartphones – all fitted with social media and communications apps. Telegram alone is believed to have 40 million users, which the government cannot fully control, but is not immune to an Internet shutdown. Western intelligence agencies count Iran as the sixth member of the global superpower cyber club, up there along with the United States, Britain, Israel, Russia and China.
That being so, intelligence and military strategists in the West were becoming concerned by Iran’s cyber warfare capabilities, no less than any other long-range weapon, for menacing its enemies at home and abroad.
But by day four of the street rallies which dotted the Iranian map, that concern was much allayed. While Iranian authorities strained all their skills to shut down Internet media communications among the demonstrators, Western and anti-Iranian Arab agencies working together behind the scenes broke through that effort and restored the networks in short order. They too were surprised by how quickly the blockages were removed, never expecting that by Monday night, Jan. 1, the networks would be back on line. They were also helped by the encouragement Iranian users received from the State Department in Washington to use virtual private networks (VPNs), which create encrypted links between computers and can access blocked websites.
The Iranian government’s doomsday cyber weapon for breaking up the protest movement had fired blanks. Tehran’s frustration was vented by Ali Shamkhani, the secretary of Iran’s Supreme National Security Council, who said on Wednesday, “Hashtags and messages about the situation in Iran come from the United States, Britain, and Saudi Arabia. What is happening on social networks concerning the situation in the country is a proxy war against the Iranian people.”
DEBKA Weekly’s intelligence sources were not surprised to find Tehran sending out feelers to Moscow and Beijing for expert assistance to impede Western raids on its communications networks. This put both in an awkward position, Neither Vladimir Putin nor Xi Jinping is inclined at the moment to run up against President Donald Trump on Iran, certainly not in the field of cyber warfare. For Russia, which is already entangled in siding with Iran’s military positions in Syria, the cyber issue is an ultra-sensitive subject in his overt and covert relations with Washington. The Chinese president is in the same boat as Putin.
Iran’s cyber capabilities were rated highly in the West after its success in bringing down the CIA’s super-sophisticated “eye in the sky”, the 170 Sentinel drone, in December 2011 over the Iranian border. It later turned out that the wizards who overpowered the drone were Chinese.
A year later, Ayatollah Ali Khamenei, Iran’s supreme leader, established the supreme cyber council. This weapon has been used mostly to control dissent and monitor emigres. The Guards run a sophisticated and highly trained elite group for more advanced cyber activities. Iran also runs proxy cyber forces like Hizballah which are provided with “proliferated” malware for using against their enemies.
Cyber hacking is the main task of a group in the Basij, which often draws on Iran’s large pool of young computer-literate students for talent to market the Islamic Republic’s gospel at home and abroad. This group is responsible for much of the cruder and more belligerent activity in cyber space, such as defacing websites and attacking US, Saudi or Israeli companies with denial of service attacks.
Although groomed by the IRGC, they are not rigidly controlled, which makes them unpredictable and hard to deter.