DUBAI, United Arab Emirates (AP) — Iran’s top police chief envisions a new beat for his forces: patrolling cyberspace.
“There is no time to wait,” Gen. Ismail Ahmadi Moghaddam said last week at the opening of a new police headquarters in the Shiite seminary city of Qom. “We will have cyber police all over Iran.”
The first web watchdog squads are planned in Tehran this month — another step in Iran’s rapidly expanding focus on the digital world as cyber warfare and online sleuthing take greater prominence with the Pentagon’s new Cyber Command and the secrets spilled to WikiLeaks.
For Iranian authorities, mastering the intricacies of the web is seen as critical on two fronts: an offensive weapon against political opposition and a defensive shield to thwart cyber-attacks such as the Stuxnet computer worm that Iran said was aimed at sabotaging its uranium enrichment program.
It’s part of what the Islamic Republic calls its “soft war” — which includes trying to curb Western cultural influences and gaining the upper hand in cyberspace against web-literate opposition groups.
But some experts question Iran’s capabilities in the constantly evolving Net. They say Iran is hampered by the lack of homegrown computer innovation and its struggle to find competent programmers and hackers willing to work for the state.
“Without a robust domestic computer industry, it’s doubtful Iran could develop significant cyber capabilities,” said Derek Reveron, a professor of national security affairs at the U.S. Naval War College in Rhode Island.
Iran, however, appears to be investing significant resources to boost its cyber corps.
The Revolutionary Guard — Iran’s military-industrial powerhouse — is believed linked to the secretive “Cyber Army” that emerged as a counter punch against the onslaught of opposition websites and blogs after the disputed re-election of President Mahmoud Ahmadinejad in 2009.
Some Iranian lawmakers are now reportedly seeking a sharp boost in funding and recruitment to bring more hackers into the Revolutionary Guards paramilitary Basij corps, which is far better known for its storm trooper role against protesters.
The suspected fingerprints of the Cyber Army have already turned up in defacements against Twitter, the Chinese search engine Baidu and TechCrunch Europe, a blog covering web startups and related news.
The Cyber Army also has been blamed for blocking reformist sites and even hacking into the website of Farsi1, a popular television channel based in Dubai and owned by an Afghan media tycoon and Rupert Murdoch’s News Corp.
In October, a web security firm Seculert said its researchers believe the Cyber Army branched out to botnets, networks of infected PCs that have been hijacked from their owners — often without their knowledge — and can be used by hackers to spread malicious software.
“It’s like second-generation jihadists” using computers instead of weapons, said Eldad Pardo, an Iranian affairs expert at Hebrew University in Jerusalem.
Iran could be fertile ground. Its many universities churn out some of the most computer-savvy graduates in the Middle East.
Iran’s opposition has already shown its web flair with videos, online statements and tweets. One prolific hacker group possibly linked to Iran — known as the Ashiyane Digital Security Team — has gained a reputation by purportedly swiping at sites from the Chinese government to job postings in Penobscot, Maine, according to claims posted on the hacker bulletin board, www.zone-h.org.
This week, the home pages of Hillsboro Beach, Florida, were hacked by someone who posted an Iranian flag and the mysterious words “MCSM Iran Hacking.”
Iran, meanwhile, is trying to bolster its firewalls after the Stuxnet code was found in programs involved in its nuclear program.
Iranian officials claim there were no setbacks in nuclear operations from the Stuxnet worm. But a November report by the U.N. nuclear agency said Iran’s enrichment program was temporarily shut down in a possible link to the Stuxnet infiltration.
The origins of Stuxnet are unclear. But it’s considered a highly sophisticated malware designed to attack industrial systems and could have been aimed at the centrifuges used in uranium enrichment. Washington and others worry that Iran could eventually produce nuclear material for warheads, but Iran insists it only seeks nuclear reactors for energy and research.
A secret U.S. diplomatic memo released this week by WikiLeaks — from a January 2010 meeting between German and U.S. officials — includes a recommendation that “covert sabotage,” including explosions and computer hacking, “would be more effective than a military strike whose effects in the region could be devastating.” The cable makes no direct mention of any specific acts.
But Iran’s intelligence minister, Heidar Moslehi, claimed in October that programmers had neutralized Stuxnet because of their “domination of virtual networks.”
It’s impossible to accurately weigh Iran’s statements. But it appears that Iran has taken some initial steps, including efforts to install a system that immediately flags possible cyber-attacks, said an Israel-based computer security expert, Shai Blitzbau.
“It can monitor in real time all the abnormal activity in the networks,” said Blitzbau, technical director for Maglan Group, an Internet security firm with offices in Europe and Israel.
This, however, is mostly a standard move and unlikely to rattle any experienced hacker, experts say.
“It’s a first response and a logical one by Iran,” said Jeffrey Carr, a cyber intelligence expert and consultant to U.S. and other governments on cyber defenses. “But it doesn’t really mean much to prevent attacks. It’s the cyber equivalent to eating right, taking your vitamins and hoping you don’t get sick.”
The planned police units seem to be the next web offensive by Iran.
The country’s main police chief, Ahmadi Moghaddam, gave few details in his announcement last week. But he pointed out the need to stamp out web-based “defamation and mischief” — a clear reference to opposition websites and blogs that often serve as the crucial sources of information and tips because of restrictions imposed on foreign journalists.
Opposition groups also have proven they are nimble, using proxy servers and other tactics to stay ahead of authorities.
Ehsan Ahrari, a Virginia-based political analyst who taught security studies at the National Defense University, said Iranian authorities seem to be rushing into cyber-warfare and policing efforts “in an almost panicked way” and without coordination.
“Such a chaotic environment becomes too fertile for external forces to infiltrate Iran’s firewalls,” he said. “Iran is indeed facing an uphill struggle. It is likely to close the technological gap, but it will take a long time.”