Iran: A Rising Cyber Power?

To understand what domestic and strategic factors may have encouraged Iran to seek stronger cyber-capabilities, it helps to look at the several ways Iran uses such capabilities. First, Iran wants to keep its citizens under surveillance. Second, Iran wants to know the intentions and capabilities of other countries. Third, Iran wants a capability to harass those it sees as its foes. Fourth, it may be preparing larger attacks. Although all these uses require the capability to penetrate or otherwise manipulate systems and networks, each has its own motivation. The broader overall motivation remains the same: Iran is a country with revisionist tendencies that has accumulated enemies – which in turn has impelled it to develop techniques to keep them at bay. Cyber, in some circumstances, is a particularly cost-effective way of doing so.

Although the current regime has wanted to keep its citizens under surveillance since the 1979 revolution that brought it to power, its interest in doing so reached a peak in 2009 in the wake of a disputed election that spurred the Green Movement. Urban youth – the very people most likely to use social media – constituted the core of the dissidents. The government, in turn, identified particular dissidents by tracing their social media use, making inferences based on what they wrote and who they were reading. To suborn the machines of otherwise careful users, Iranian government hackers subverted two digital certificate firms – Comodo and Diginotar – and thereby managed to impersonate what would otherwise have been considered safe sites. Thus attracted, dissident machines would be served malware in order to keep their users under surveillance as they surfed other Web sites.