 Cyber Conflict, Module 11, Iranian Cyber Background. Once you have completed the readings, lecture, activity, and assessment, you will be able to articulate reasons for Iran's growing interest in cyber capabilities, describe how Iran's government uses cyber technology to ensure the survival of its regime. Welcome to Cyber Conflict, Module 11. This lecture focuses on the two main pillars of Iranian cyber defense strategy, both of which have developed in the last decade. In June 2009, Iranian voters went to the polls to elect a new president. Fed up with the arch-conservative policies of President Ahmadinejad, Iranian citizens voted in record numbers, and most pollings suggested that a reformist candidate, Mir Hossein Musavi, had won. A few days after the voting, however, the Iranian government announced that Ahmadinejad was victorious by a landslide of 63% of the vote. Many Iranian citizens immediately determined that the election had been rigged, and within a few days, tens of thousands of Iranian youth took to the streets in protest. Government police met them ferociously, prompting the largest public protest the Iranian Republic had experienced since its founding three decades earlier. Protests were banned by the Iranian government. The Iranian government eventually regained control of the country, but only after kidnapping, torture, and murder of many of the protest organizers. The Iranian government later researched the event to determine how the protest had spread so quickly. The answer? Nearly one million Iranian citizens had access to smartphones, enabling many to quickly record and share, on sites like Facebook and Twitter, videos of protesters being shot or taken to jail by secret police. As a result, the government banned such social media sites. To avoid a repeat performance in the 2013 Iranian presidential election, government officials blocked access to virtual private networks as well, so that citizens could not circumvent government firewalls to access the social media sites. This 2009 Green Revolution highlights the logic behind one of the two main pillars of Iranian cyber defense strategy. To ensure regime survival through widespread surveillance, and blocking of information deemed subversive. One year later, the effects of one of the history's most powerful cyber weapons triggered the second pillar of Iranian cyber defense strategy. Training a cyber workforce and building cyber defenses and offenses. The Stuxnet computer worm was designed to affect specific types of industrial control systems manufactured by the Siemens company. The worm was introduced into a nuclear facility in Natan's Iran, which housed giant centrifuges producing highly concentrated uranium used for nuclear weapon production. After working itself into the industrial systems controlling the centrifuges, the Stuxnet worm could vary the speed of the centrifuges while sending signals to the Iranian controllers that they were spinning normally. Because uranium centrifuges must run at a highly precise rate, the varying speeds exploded many of the centrifuges, and they had to be replaced. Initially, Iranian scientists believed that operator error or faulty design was to blame. Finally, in 2010, independent cybersecurity analysts investigating this situation determined that the centrifuges had been disrupted by a sophisticated computer worm. No individual or country has ever officially taken responsibility for producing Stuxnet, but the New York Times has reported that, based on its complexity and the likely expense involved in creating it, Stuxnet was almost certainly engineered by a technologically advanced nation state, such as the United States. After this event, Iran was determined to prevent a similar cyber attack on Iranian critical infrastructure. The Iranian government has likely invested billions of dollars into training a cyber workforce and building cyber defenses. Iran has also likely invested in an offensive cyber program to attack industrial control systems of adversaries. In 2013, Iranian hackers attempted to shut down a large flood control dam in New York state. The FBI has stated that the hackers were working on behalf of Iran's Revolutionary Guard, an elite military organization, and the attack on the dam may have been in retaliation for the United States suspected role in Stuxnet. The hackers purportedly attempted to access the dam's industrial control system, but could not do so because the system had been disconnected from the Internet for routine maintenance. The next lecture will address other cyber operations in Iran, including a discussion of Stuxnet and the future of cyber war. True or false? The current Iranian regime is known to use cyber technology to monitor and subsequently disrupt any anti-government protests. The answer is true. Which of the following is not a reason the Iranian regime has invested heavily in cyber technology? A. The Iranians sought to bolster their cyber capabilities after the discovery of Stuxnet. B. The Iranian regime has found cyber surveillance an effective way to monitor its citizens. C. The Iranian regime has found that cyber technology supports increased voter participation. D. The Iranian regime sought to develop cyber weapons as revenge for the Stuxnet attack. The answer is C. The Iranian regime has found that cyber technology supports increased voter participation. The activity for this module asks that using presentation software like PowerPoint or Keynote build a presentation about Iran providing the following information. Note the country's annual gross domestic product GNP from the CIA's World Fact Book. We provide interesting facts about the country including the size of its population, military, industrial production and agriculture output. Note how many people have access to the internet. Compare the information to that of Saudi Arabia. Consider the differences and similarities of the two countries.