CYBER CAPABILITIES AND NATIONAL POWER: A Net Assessment 115
10. Iran
Iran regards itself as being in an intelligence and
cyber war with its enemies. In 2010, when the Stuxnet
aack on Iran by the United States and Israel was
revealed, the country had lile access to international
cyber-security suppliers and only a very small num-
ber of domestic researchers in the eld. Since then,
however, it has become a determined cyber actor
against US, Gulf Arab and Israeli interests. At the
same time, a perceived need to quell domestic oppo-
sition through increased internal cyber surveillance
has dovetailed with the government’s desire to coun-
ter external threats. However, economic depression,
political turmoil and internal deciencies suggest that
Iran will not be able to boost its indigenous cyber-
defence capability easily or quickly. Its overall cyber
capabilities do not match the scale and sophistica-
tion of its ballistic-missile or nuclear programme. For
example, it lacks the resources, talent and technical
infrastructure needed to develop and deploy sophis-
ticated oensive cyber capabilities, even though it has
used lower-level oensive cyber techniques widely,
with some success. Iran is a third-tier cyber power
that makes use of less sophisticated cyber technolo-
gies and operational capabilities to serve its strategic
goals, which include espionage, power projection
and strategic signalling.
List of acronyms
CERT Computer Emergency Response Team
ICT information and communications technology
IRGC Islamic Revolutionary Guard Corps
IRGC-IO Islamic Revolutionary Guard Corps Intelligence
Organization
MOIS Ministry of Intelligence and Security
NCC National Cyberspace Center
NPDO National Passive Defense Organization
Strategy and doctrine
Iran’s approach to cyberspace is inherently bound to its
domestic authoritarian policies and its international con-
frontations. The stage for current domestic policy was
set in 2009 when the Islamic Revolutionary Guard Corps
(IRGC) took over the Telecommunications Company of
Iran after large-scale protests against the regime that
were fuelled by social media.
1
The development of
Iran’s international cyber policy can be traced back to
the Stuxnet aacks on the country that were revealed in
2010 and aributed to the United States and Israel.
In most areas related to security in cyberspace, Iran
has not published any formal strategy documents or
doctrines. The main indicators are therefore organisa-
tional reforms and associated legislation. The Iranian
Cyber Army, a group of pro-regime hackers with pre-
sumed links to the IRGC and pledging loyalty to Supreme
Leader Ayatollah Ali Khamenei, began operating in 2009
as the direct result of concern among conservative forces
in Iran about anti-government and pro-Western internet-
based propaganda. The armed forces set up a Cyber
Defense Command in 2010, and in 2011 a Cyber Police
Force was created with the aim of protecting ‘national and
religious identity, community values, legal liberty and
critical national infrastructure from electronic aack’.
2
