Iranian hackers are more open in admitting they are sponsored by state security forces
[ Page 42 ]
It is also easy to see how the general doctrines and approaches of the Iranian security services and foreign policy organs are being mapped to Iran’s new activi- ties in cyberspace. Iran’s hackers appear to move easily between ostentatious attacks and defacements and very quiet preparations for future operations, just as Iran’s security and intelligence forces do. They main- tain a similar two-track system of responding overtly to perceived attacks against Iran while continuing covert efforts to expand their abilities to conduct future attacks. They seem to prefer to operate as individuals or small groups with plausibly deniable links to the state, just as their militant proxies throughout the region do, as opposed to the overt state control China maintains over its hackers. Iranian hackers rarely claim to be fully independent of the state, like Russian “hacktivists” do, and acknowledge their relationship with state and security entities from time to time. In this respect they are like Shi’a militias in Iraq and Syria, who maintain their nominal independence from Iran while explicitly recognizing their relationships with Tehran, the assistance they receive from Iran, and their loyalty to Iran’s values.108
Iran has been developing cyber warfare capabilities for years and accelerated these efforts following the Stuxnet attack that set back their nuclear weapons program. Several large-scale hacking incidents against Western targets show that Iran is also becoming more adept and confident in conducting offensive cyber attacks to further its revolutionary aims.