 The Global Cyber Threat Environment, Module 12, Iranian Cyber Intelligence. Objectives, once you have completed the readings, lecture, activity, and assessment, you will be able to describe how the IRGC uses cyber capabilities to ensure the survival of the Islamic Republic. Articulate the connection between the IRGC and the terrorist organization, Hezbollah. Welcome to the Global Cyber Threat Environment, Module 12. As you have discovered from previous lectures, the Iranian cyber capability lags far behind Russia's and China's, however, it is advancing rapidly due to robust research and development on behalf of the Iranian government. Stringent economic sanctions had previously hindered Iran's ability to import sophisticated information technology, but the majority of those sanctions ended in January 2016, allowing Iran to more easily research and develop sophisticated cyber weaponry. Iran's cyber strategy involves two pillars. One pillar includes ensuring regime survival through surveillance and blocking public access to what the government deems as subversive information. The other pillar relies on training a cyber workforce specialized in developing both offensive and defensive capabilities to ensure the domestic and national security of the Iranian Islamic Republic. The Iranian government includes a number of organizations with significant cyber missions, but this lecture will focus primarily on the cyber capabilities and organization of the Islamic Revolutionary Guard Corps, or IRGC. The IRGC is an organization of elite military personnel with the capability to conduct various types of special warfare tactics on ground and in cyberspace. Although initial training in computer science and malware takes place within Iran's universities, the IRGC cultivates select individuals into highly skilled offensive and defensive cyber warriors, conducting such operations as the intrusion into a flood control dam in New York, noted in the last lecture. Media reports have speculated that the IRGC cyber warfare program employs nearly 2,400 people. These personnel are believed to be involved with creating specialized forms of malicious code for computer surveillance, developing electronic warfare systems capable of disrupting radar and space communications, and spoofing GPS systems. During the 2009 popular uprising in Iran to protest fraudulent election results, the Iranian government mobilized the IRGC to increase digital surveillance of Iranian citizens and compose digital dossiers of protesters. These dossiers were later used to support interrogations. IRGC interrogators sifted through private messages from social media sites to embarrass and blackmail arrested protesters into silence. The IRGC would also use arrested protesters' social media credentials to target suspected protest organizers with spearfishing attacks aimed at allowing Iranian officials to access their smartphones and computers. One IRGC chief charged with putting down the 2009 protests later wrote about the need to impede protesters' use of the internet or cell phones, as they had become so critical in mobilizing protestor activities. Although normally tight-lipped about its cyber capabilities, the Iranian government has admitted to conducting cyber operations to disrupt internal opposition forces in two instances. The first instance was in March 2010, when the Iranian government announced that a branch of the IRGC had successfully disrupted websites connected to the organization Human Rights Activists in Iran. The second instance occurred in 2013 and involved the IRGC's disruption of several websites of organizations tied to independent media and human rights groups. The IRGC has also been known to co-opt Iranian citizens with hacking skills into an entity called the Iranian Cyber Army. The IRGC organizes and funds the Iranian Cyber Army, and many of the Army's hacker members previously belonged to Iranian nationalist hacking collectives who disrupted pro-Western websites or websites thought to be opposed to the Islamic Revolution in Iran. Additionally, the Basij, a subordinate force to the IRGC, has been known to engage in cyber operations against opponents of the Iranian regime. The Basij might be considered an all-volunteer paramilitary force with branches in nearly every Iranian city. It is known to create pro-regime propaganda for dissemination on social media and develop sophisticated hacking tools for subsequent use by IRGC forces. Finally, Iran supports Hezbollah, an organization comprising more than 50,000 fighters. Hezbollah, which the U.S. State Department has identified as a terrorist group, was founded in 1980 with support from Iran and a mission to resist the Israeli occupation of southern Lebanon. The group has since expanded its charge to promote Iranian interests throughout the Middle East, including Syria and Yemen. The organization has a well-developed psychological operations unit that specializes in producing sophisticated anti-Israel and anti-U.S. propaganda. It has also attained sophisticated electronic warfare capabilities that were quite successful in jamming Israeli communications during the 2006 Israeli incursion into southern Lebanon. Like Iran, Hezbollah relies on patriotic civilian hackers to conduct cyber attacks while maintaining plausible deniability. For instance, hackers called Islamic cyber resistance targeted Israeli critical infrastructure in 2013 and were thought to be civilian hackers funded by Hezbollah militants. One of the most concerning aspects of Iranian cyber capability is the country's apparent ability to research and develop sophisticated tools indigenously. Iran has masterfully used a robust system of well-funded universities to cultivate students with a propensity for computer technology. Many experts expect Iran to quickly become a true cyber rival of the United States in the coming years. Quiz question one, true or false? During the post 2009 presidential election turmoil, the IRGC was mobilized to help conduct digital surveillance of Iranian citizens suspected of supporting anti-government protests. A, true, B, false? The answer is A, true. Quiz question two, which of the following is not a reason that Iran is known to support Hezbollah? A, Iran assesses Hezbollah to be an organization that can bring democracy to the Middle East. B, Hezbollah is an organization that provides charitable services to Shia populations in Lebanon. C, Iran sees Hezbollah as a proxy military organization helpful in confronting the Israeli military. D, Hezbollah provides Iran with a formidable paramilitary capability throughout the Middle East. The answer is A, Iran assesses Hezbollah to be an organization that can bring democracy to the Middle East. Activity, visit the United States Department of Justice homepage and search for the terms Iran and Bowman Dam. You should find a federal indictment against seven Iranians working on behalf of the IRGC who were convicted of illegally assessing the controls of a dam in upstate New York. Right, a one-page reflection on how the attackers were able to access the dam controls and what the government believed they were ultimately trying to do.