Iranian Cyber Warfare Threat Assessment

The Iranian military consists of the Army, Air Force, Navy, and a Revolutionary Guard force. Iran’s active duty armed forces number 513,000, while reserves add another 350,000. The army is divided into 3 army headquarters with 4 armored divisions and 7 infantry divisions, 1 airborne brigade, 1 Special Forces division and now 1 cyber division. The military budget equates to between $95 and $100 per capita. This figure is lower than other Persian Gulf nations, and lower as a percentage of gross national product than all other Gulf States except the United Arab Emirates.

Education is considered a top priority in the country’s development plans, and the authorities have endeavored to increase the primary education enrolment rate. In 2008 Iran had over 3.5 million students enrolled in universities. In the past two decades the education system and curricula have been reformed multiple times. The use of modern educational equipment and technologies, such as information and communication technologies, is developing considerably. The increased attention to higher education is producing the computer scientists and technology engineers necessary for an advanced cyber weapons program.

Iran’s Software Capability

Iran has the capacity to meet the large domestic demand for software and at the same time to become internationally competitive. The software sector itself, although strong in some areas, is not internationally competitive. The Iranian High Council of Informatics has categorized 543 informatics companies, and the software sector output is around $50 million although, once again, statistics are educated guesses rather than based on hard statistical evidence.

Iran’s Asymmetric Capabilities

Iran has significant asymmetric warfare capabilities and poses an additional threat of proliferation. Iran’s economic growth last year surpassed 7%. The expansion of its economy is funding research, development and acquisition of strategic military capabilities. Iran is intensely focused on developing other military means, including asymmetric weapons and tactics. Iran’s military buildup poses direct threats to U.S. interests. It is believed that Iran has fairly advanced cyber-warfare weapons and offensive plans that include cyber attacks against specific government web sites and infrastructure. Iran’s cyber ambitions are substantial and troubling. The following section presents an estimate of Iran’s cyber warfare capabilities.

Estimated Cyber Capabilities

Iran Islamic Revolution Guards Corps (IRGC)

  • Military Budget: $11.5 Billion USD
  • Global Rating in Cyber Capabilities: Top 5
  • Cyber Warfare Budget: $76 Million USD
  • Offensive Cyber Capabilities: 4.0 (1 = Low, 3 = Moderate and 5 = Significant)

Cyber Weapons Arsenal (In Order of Threat)

  1. Electromagnetic pulse weapons (non-nuclear)
  2. Compromised counterfeit computer software
  3. Wireless data communications jammers
  4. Computer viruses and worms
  5. Cyber data collection exploits
  6. Computer and networks reconnaissance tools
  7. Embedded Trojan time bombs (suspected)

Cyber Weapons Capabilities Rating: Moderate to Advanced

Cyber Force Size: 2,400

  • Reserves and Militia: Estimated at 1,200
  • Broadband Connections: Less than 100,000
  • Hacker Community: Hackers have demonstrated their capabilities by successfully attacking numerous Israeli web sites and others. Cyber activists are common in Iran and very active.

Many world leaders, as well as U.S. President Bush, have publicly vowed that they would never “tolerate” a nuclear Iran. The question now is what about a cyber Iran?

Kevin Coleman

{ 40 comments… read them below or add one }

A September 23, 2008 at 10:09 am

I really wonder how you are evaluating the capability of other nations. That is what I believe is the US’s lack of knowledge about Iran (and maybe other nations) in all aspects. You think this stuff is accurate? Not at all. I am an INFO SEC professional in IRAN. While I hope my nation can secure its network infrastructure and become one of the outstanding forces in cyber-warfare, the truth is different. Security in cyberspace is still overlooked by the gov and we suffer from a lack of professionals in info-sec (we buy too much high-tech hardware and software from the US, but we just buy and don’t know how to securely implement them). People graduate from university, but with no up-to-date knowledge and hands-on experience. This is not like the US universities, where the university and industry or gov are in tight relation with each other. Most of the time the basic principles of info-sec are not understood by IT professionals. People think just about writing code, installing network devices, OS and applications without security in mind. In most cases I see network OSes not patched since installation, and nobody thinks about the risk because they don’t know what those patches do. I see too many network devices left with unsecured configuration. I am sure in Iran we can’t count more than 100 sec-pros (the real professionals, not the script kiddies that don’t even know how TCP/IP works). It is odd how you estimated about 2400 cyber force. I should mention the possibility of using some cyber mercenaries from China, Russia or other cybercrime orgs. If you evaluated the other nations’ capability in cyber warfare (like China and US, but they are the big ones and have real capability), I can sleep tonight without nightmares.

Reply

Kevin September 23, 2008 at 12:41 pm

To answer your question here are the top 10 inputs.
1. Exploits that have been said to have come from the nation.
2. Past cyber attacks that have been said to have been launched by that nation.
3. Military budget numbers published by third parties.
4. CIA global fact data
5. Education focus on computer science and technology
6. Hi tech industry base
7. Global communication study that identifies broadband connections per country
8. Computer industry PC sales data
9. Statements made by the nation’s government and military leaders
10. Trusted web sources that track and publish military, intelligence and other related information.
We do try to keep cyber crime and cyber warfare intel separate.

Reply

Roy Smith September 23, 2008 at 1:21 pm

You know,instead of all of this “boogeyman” bullshit,we need to worry about what is going on in Pakistan,for instance. If the Paki President & Prime Minister had not changed their dinner plans,they’d have been caught up in that hotel bombing & possibly killed. Also,let’s not forget the Bear(Russia) reawakening & sending military supplies,bombers,& navy fleets to Cuba,Venezuela,& Bolivia. Instead,we are treated to a daily diet of fear talking about “cyber terrorists”,”blond hair blue eyed” terrorists,& other assorted “boogeymen” & ghosts. We are thisclose to getting our asses handed to us in Afghanistan & we are busy chasing mythical creatures known as “terrorists” in our nation. Talk about a “Neo-Con” job. According to Homeland Security & our “Jewish” masters,all of us Goyim are “terrorists” & need to have our civil rights,liberties,& freedoms suppressed. All “defense spending” is geared to Northern Command & Department of homeland Security(to keep us Goyim in line),none to strengthen our national security against real enemies(Russia,China,& now Pakistan) with real conventional weapons & WMDs.

Reply

Factoryidiot September 23, 2008 at 4:20 pm

A lot of superstition there, remembering such guesswork led to a wide belief Iraq had WMDs.
The amount of guess work and scare mongering in that article really makes it a waste of time to read. What were you trying to achieve?

Reply

SpyGuy September 23, 2008 at 5:32 pm

I would like to specifically address Factoryidiot & Roy Smith.
YOU TWO AMATEURS NEED TO KNOCK-IT-OFF NOW.
Intelligence work is all about collecting disparate pieces of information and data, keeping it in context, looking for patterns and interpreting what it means. That is what this article and most of this blog has been about and I hope will continue to be about. You AMATEURS would be well served to shut up and learn something. The author is not always right

Reply

Site Visitor September 23, 2008 at 5:48 pm

I consistently see such hostility to Kevin Coleman’s postings. Could someone please explain why this is?
My only guess is that some of the “old-school” military types are intimidated by the “new-school” cyber warfare and don’t want to admit that an entire war can be fought and won without a single bullet being fired.
Iran’s cyber capabilities are an extremely relevant topic – why the hostility?

Reply

Brian September 23, 2008 at 7:21 pm

Factoryidiot was not entirely wrong, IDIOT is in his name – that part was right

Reply

gsak September 24, 2008 at 12:35 am

Anyone want to actually contribute something?
I’m currently employed in the field of low-level network testing and such, and I say this is a relevant topic.
When it comes to LAN/WAN-level PC security, Operating System diversity is an outstanding defense. It’s less common for an individual intruder to be proficient in penetrating some arbitrary combination of Unix, Linux, SELinux, Windows, FreeBSD and Mac OS X simultaneously.
I’ve seen some so-so security implementations on Secret networks while in the service, and I’m never surprised when I catch a news story talking about one being compromised.
Same with the nuke security stories. I’m never surprised. It just reminds me of the good old days and never getting caught. Or getting caught and having a Master Chief let it go.
So, America probably isn’t as slickity slick as you’d be tempted to think, but I’d bet that same rule applies to Iran, at least as much.

Reply

Wembley September 24, 2008 at 4:51 am

The #1 top threat listed is an EMP weapon – but no evidence is given that Iran has or is developing this capability.
That’s pretty weak stuff. The commenters saying that this looks like an attempt to build up an imaginary threat do have a point. Let’s have some substance here.

Reply

Kevin September 24, 2008 at 8:41 am

Wembley – three things!
I REFUSE to publish anything that could compromise a source of intelligence or perhaps give any info as to how much we know or are prepared to handle these threats.
Two, as for the EMP capabilities, look at the piece posted on here earlier on TEDS & EPFC. NATO has made many statements and conducted briefings on this threat.
Recently NATO’s Chief of Cyber Defense stated that cyber terrorism/cyber attack poses as great a threat to national security as a missile attack. Strong words for sure.
Most people do not equate cyber war with explosives, but that is short sighted. Ever heard of TEDs or EPFCs? If you haven

Reply

gsak September 24, 2008 at 11:35 am

Kevin is talking about Transient Electrostatic Discharge and Explosively-Pumped Flux Compression Generators.
There are a few others out there, including High-Powered Microwave (narrow and wide-band), and particle beam techniques.
Hardening of a target against these attacks usually has to be deliberate; in other words, don’t expect something to survive unless the shielding has been tested and also regularly maintained.
I’m personally interested in laser-induced dielectric breakdown, with the intention of causing a natural lightning strike.
Information on any of these examples is available on the unclassified Internet.

Reply

Kevin September 24, 2008 at 12:17 pm

GSAK
I have been looking at laser-induced dielectric breakdown but there is very little research going on that I can find. Do you know who is conducting research in this area?

Reply

mtheory September 24, 2008 at 1:11 pm

Hi Kevin,
You’re right that it’s not a mature technology; however, there’s some work going on at NM Tech and here is a great report on some of the current research:
http://www.opticsexpress.org/DirectPDFAccess/9587C322-BDB9-137E-C333CAF199F6EE52_157189.pdf?da=1&id=157189&seq=0&CFID=16420237&CFTOKEN=12859585

Reply

gsak September 24, 2008 at 1:13 pm

Whoops.. I was playing around with different handle ideas and posted under the wrong one. :)
Anyway, hope you like the article.

Reply

Jimbo Jones September 26, 2008 at 7:28 am

Will the Iranians photoshop us to death?

Reply

XENUPS September 27, 2008 at 9:30 am

2008
ASHYANE TM
DELTA HACKING TM
JUST SEARCH IT IN THE GOOGLE

Reply

Rigma September 27, 2008 at 5:32 pm

HAHA! Terrorists going to school is a given one…
And that they hack better than write software is
also a given one!!! They have no thoughts on personal upgrades…Astral religion…

Reply

mm May 5, 2009 at 4:34 pm

down with usa

Reply

0neERROR Digital Hacking Tm ( IRAN ) May 8, 2009 at 9:55 am

Hack is good BUT FIRST SECURITY !
IRAN Hacking Army …
Ready FOR attack …

Reply

0neERROR Digital Hacking Tm ( IRAN ) May 8, 2009 at 9:57 am

Hack is good BUT FIRST SECURITY .
I R A N H A C K I N G A R M Y : READY …

Reply

kevin May 10, 2009 at 3:32 am

Screw Khamenei, the murderer of Iran,
screw Ahmadinejad, the thief of Iran

Reply

MAHDI May 21, 2009 at 1:23 pm

BE CAREFUL IRAN IS SO STRONG

Reply

Pirooz December 2, 2009 at 7:15 am

Yes, Iran and its soldiers are very very strong.
It is strong and it will become even stronger,
but not for war; rather, against profit-seeking colonizers.
May you succeed, my Iran…..

Reply

Geraldanthro June 11, 2009 at 2:05 am

Iran’s cyber capabilities are mostly kiddy scripts.
Weak server protection and their WWW is subject to
shut down within 24 hrs, loss of all connections to outside world.
http://warintel.blogspot.com/2009/06/key-posts-cyber-warfare.html
Gerald
Anthropologist.

Reply

ferdosi July 18, 2009 at 8:29 am

If I may, a few words to my friend the InfoSec Pro above: Buddy, what you say about the sad state of security is true in the circles you work: “normal” corporations, dinky gov. offices, etc. You obviously don’t have very much info about the inner workings of the more security oriented establishments. Let me ask you this: in the more than a decade that Iran has had a national interbanking network, how many instances of cyber crime and hacking of the banking system servers have occurred? What? Maybe less than 10? And I assure you, the banking networks are not the most secure networks in Iran – not by a long shot.
Detailed information on this subject is not in the public domain – not even for veteran IT professionals in Iran. Successful launch of a satellite into orbit is no laughing matter – in terms of technical and scientific requirements. And I should be clear and emphasize the launch ops – the satellite was a joke as we all know. Do you honestly think government agencies with the kind of haphazard data integrity management policies that you described could successfully carry out such extremely complex operations?

Reply

amir August 2, 2009 at 9:45 am

WE ARE STANDING FOR VICTORY

Reply

ProjectSAD August 13, 2009 at 6:50 pm

Kevin, thanks for the great work. The abundance of noise pollution on this post goes to show how closely you

Reply

freedom August 29, 2009 at 1:09 am

down with islam
long live iran

Reply

soheil bashardoust September 21, 2009 at 12:00 pm

it is right
http://www.boronz.com
persian directory

Reply

reza October 21, 2009 at 1:25 pm

Hello. Hello to everyone whose heart aches for Iran. Because of these people, all I can do is put my head down a well…
Now I understand why Hazrat Ali confided his sorrows to a well. My heart bleeds because of these people. The people of present-day Iran have become like the people of Kufa, even worse than them. I don’t know who, what, or what goal these 40 million people who voted were voting for?
For meat to cost such-and-such…
For our addicts to increase…
For us to be humiliated in the world even more than this…
For us to fall even further behind in every field…
What, really, what did they vote for?
We really are very superficial people.
I feel sorry for all of us.
We think that God is pleased with us, but I am sure that our standing before God is worse than that of a murderer or a…
Iran will not be fixed

Reply

jlkjlkjlkjlk December 2, 2009 at 7:11 am

good luck Iran's soldiers
good luck Iran and its people

Reply

sedaye melat February 10, 2010 at 7:30 am

Long live Islamic Iran (death to the hypocrites who sell out the homeland). Hail Khamenei, long live Ahmadinejad.

Reply

mash oruj March 3, 2010 at 5:37 pm

osvaldo garcia
The more the defense power of a nation, the less its enemies dare to think about doing any harm to it.
We TAKE PRIDE!

Reply

pasargad22 March 20, 2010 at 4:36 am
Islam Soldier June 8, 2010 at 10:35 am

Iranian Cyber Army is a Very good army in middle east . Hail Khamenei . Death to America . Death to israel

Reply

Achmed June 14, 2010 at 5:21 pm

Islam Soldier,

your mother is Jewish!

Reply
