Iran could collect targets for future cyberattacks

British media outlet SkyNews has published five classified documents, allegedly from Iranian intelligence, revealing the Islamic Republic's cyber attack plans
Iranian flag at Bushehr nuclear power plant

AFP/ ATTA KENARE  -   A photo taken on November 10, 2019 shows an Iranian flag at the Bushehr nuclear power plant

The leak of a series of classified documents allegedly belonging to Persian intelligence reveals that Iran is planning to carry out cyber-attacks against several Western countries, according to SkyNews. The British media published on Monday the contents of a set of secret files sent to Iranian Supreme Leader Ali Khamenei and drafted by the Islamic Republic's intelligence services.

Tehran plans to use its technological capabilities to damage civilian infrastructure, such as sinking cargo ships, blowing up petrol stations and disrupting satellite systems, according to the contents of the files. The document referring to a possible cyber attack on a ship indicates that one of the objectives is to "cause irreversible damage".

ali jamenei
PHOTO/Iranian Presidency/Department of Political Affairs - Iran's Supreme Leader Sayyid Ali Hosseini Khamenei (C), Iranian President Hassan Rohani (L) and the newly appointed Commander of the Quds Forces of the Islamic Revolutionary Guard Corps, Ismail Qaani (R)

An anonymous source provided the classified files to the British media. They reveal that Iranian intelligence is gathering information in order to identify possible targets for future cyber-attacks. The TV channel claims that Tehran is keeping a close eye on Western companies, with a particular focus on American, British and French companies. 

"They are setting up a bank to be used whenever they see fit," the source told SkyNews. The five 57-page reports were written by "a secret offensive cyber unit called Shahid Kaveh, part of the elite cyber command of Iran's Islamic Revolutionary Guard Corps (IRGC)", according to the British media. According to this version, this unit corresponds to a cell known as Intelligence Team 13, itself headed by Hamid Reza Lashgarian.

pacto nuclear viena
PHOTO/EU DELEGATION IN VIENNA - The Deputy Secretary General of the European External Action Service (EEAS), Enrique Mora, and the Iranian deputy at the Ministry of Foreign Affairs, Abbas Araghchi

In contrast to the SkyNews source, who claimed to be "very sure" of the authenticity of the documents, the Russian news agency Sputnik reports the testimonies of Iranians Seyed Mohammad Marandi and Rasool Nafisi, professors at the Universities of Tehran and Virginia, in which they show a certain scepticism on the matter. Both have pointed out that the files have no dates, numbers or Revolutionary Guard insignia, and that this may be an attempt to "escalate tensions".

This version suggests that the classified files are being released to boycott or hinder the resumption of the nuclear deal between Iran and the other Western powers involved in the issue, including the UK. The release of the documents comes ahead of a possible return to the negotiating table in Vienna, where the parties are negotiating a return to the Joint Comprehensive Plan of Action (JCPOA).

raisi
AFP/ ATTA KENARE - Iran's President-elect Ebrahim Raisi holds his first press conference in the capital Tehran on 21 June 2021

The Biden administration pushed in April for the reopening of talks with Iran to reach a nuclear deal. This was backed by the E3, the group comprising the UK, France and Germany that was present at the initialling of the original deal in 2015 under Barack Obama. Trump's unilateral withdrawal from the plan in 2018 prompted Tehran to take giant steps on its nuclear programme.  

Negotiations in the Austrian capital began in April and were postponed a month ago after several weeks of deadlock. However, the talks could get back on track after the inauguration of Iranian president-elect Ebrahim Raisi, who will officially replace Hassan Rohani on 5 August.

Cyber threat

"The Islamic Republic should be among the most powerful powers in the cyber area," reads one of the cover pages of the documents revealed by SkyNews. Tehran's plans are to make Iran a superpower in this area as part of an overarching military strategy. Not only to attack, but also to defend its reserves. In recent months, Iran has denounced a series of cyber-attacks against its infrastructure.

To this end, Tehran has a cyber army, a priori dependent on the Revolutionary Guard. So far, the functioning of the section has not been revealed, since, among other reasons, it is not officially registered within the Islamic Republic. The identity of its members is also unknown, but intelligence sources claim that the country has a group of "highly qualified" specialists. So much so that Iran is recognised as the fourth largest cyber power in the world.

planta nuclear iran
PHOTO / REUTERS - Atomic Energy Organisation of Iran technicians in a control room at the Uranium Conversion Facility in Isfahan, Iran

Since June 2010, when the Persian regime received its first cyberattack against the Natanz nuclear power plant at the hands of a computer worm known as Stuxnet, developed by the United States and Israel, Iran has been trying to recover from what it considered a humiliation and has developed a powerful cyber division. The virus affected uranium enrichment facilities.

Since then, a cyberattack crossfire between the two countries began. In October 2019, Microsoft reported the activity of a group of hackers who had tried to illegally access email accounts of US officials and journalists. The hackers were reportedly working for the Persian government, and were active again in the weeks leading up to the 2020 presidential election.

The cyber field offers a number of advantages, especially to Iran. Firstly, it allows foreign systems to be damaged from the inside, a factor to be taken into account, as the damage is considerably greater. In this sense, cyber-attacks may even go undetected or at least leave no trace. Moreover, the consequences could extend to several levels and different branches of state services or a private company. The main factor, according to experts, is that it allows attacking from a distance and with technology without the risk of direct casualties.