
Report: Iran’s IRGC hunting internet users

Revolutionary Guard (IRGC) hackers, cyber, cyberwar

Analysis by PMOI/MEK

 

Iran, May 25, 2019 - The Iranian people are considered to be one of the most vibrant populations on the internet. Over 40 million Iranians, comprising more than half of the 80 million population, and especially the youth, are using the internet to share news and information, debate in private, and conduct business.

The Iranian regime, however, is using the internet to suppress its own people. This practice has escalated following the Dec 2017/Jan 2018 protest movement in Iran.

Since then, regime authorities have been placing a special focus on political activists, in particular, with officials demanding the imposition of greater limitations on the internet and tighter controls over social media.

Remarks by senior regime officials, appointees to top positions, and executive/legislative actions are all indications of the regime moving toward imposing tighter online restrictions.

On January 17, the regime’s so-called Assembly of Experts issued a statement emphasizing:

“The Ministry of Communications, the High Council of Cyberspace, and all related institutions should actively engage in establishing order in the cyberspace, confront unethical issues and psychological warfare by the enemy, and take serious steps in monitoring and confronting the opposition and unethical networks.”

All the while, the mullahs’ regime has been involved in extensively expanding the role of the military and the Revolutionary Guards (IRGC) in cyber affairs. This has alarmed internet freedom activists and human rights organizations.

In April, the regime’s Supreme Leader Ali Khamenei appointed former IRGC chief Mohammad Ali Jafari as head of the IRGC Baghiyatollah Cultural and Social Headquarters (BCSH).

The BCSH’s significance stems from its cyber operations. Its role is to help the regime address the so-called “soft war” that the West is allegedly waging against the mullahs’ apparatus on the internet. The fact that Khamenei himself directly appointed the BCSH chief for the first time is an indication of the importance Iran’s ruling establishment is placing on the “soft war” on the internet.

“Given your interest in being present in cultural fields and having a role in the soft war… I appoint you to head the BCSH,” Iran’s supreme leader said in his order.

 

Restricting Internet access

The ruling regime has always tried to impose heavy restrictions on access to foreign media and social networks for Iranian internet users.

The internet and social media apps in the country, as well as online user activities, are heavily censored and monitored by the regime.

As an example, university students could be punished for engaging in online activities deemed by the government as “unethical” following the passage of an amendment to the Islamic Republic’s academic disciplinary regulations.

“Publishing unethical photos or committing immoral acts in cyberspace and on information-sharing networks will result in disciplinary action against students,” said Jamasb Nozari, director of the state-run Academic Affairs Organization, in an interview with the state-funded Iranian Students News Agency (ISNA) on April 26, 2019.

The amendment was passed by the Supreme Cultural Revolution Council’s Committee for the Islamization of Universities on April 21, 2019.

The new rule does not define what is and isn’t “unethical,” giving the authorities free rein to make arbitrary decisions.

Another example: when a subscriber of Iran’s Hamrah Aval mobile phone company tries to access Telegram app channels over plain HTTP (http://t.me), that is, without the SSL protocol that enables encrypted data transfers, they are redirected to a website at 87.98.254.38.

Then a message will appear on their screen, such as, “By the order of the Prosecutor General, accessing this content is prohibited and in violation of the laws of the Islamic Republic of Iran. Your device specifications and internet identification have been recorded.”

On January 21, Iranian regime president Hassan Rouhani admitted to Tehran’s attempts at filtering cyberspace. He did not come close to criticizing the filtering efforts on their merits; he only said that they were not successful:

“Well, we were unsuccessful in some of our efforts in recent years,” he said. “We thought it is under our control. We thought it would be filtered if we just ordered so…. What should we do with VPNs?”

Rouhani was not the only official speaking of the regime’s efforts against the free flow of information in cyberspace. Four days earlier, Ahmad Khatami, the spokesman for the board of directors of the Assembly of Experts, said that in their latest session, “everyone agreed that the damages inflicted by the cyberspace were serious.”

Given the Iranian regime’s terrible track record, it is very meaningful when its officials talk about failure in blocking or controlling cyberspace. This is not a failure in the first battle. It is the end of a series of expensive endeavors. So while this is good news, it is also a warning to identify, expose, and counter new tactics by the regime.

In 2019, Iranian media outlets began reporting on the sudden appearance of branch offices of a “Prosecutor General’s Cyber Division Rapid Reaction Center,” a new state agency that appears to be tasked with monitoring and censoring online content and activities.

The center reportedly has offices in Iranian cities including Mashhad, Ardabil, and Khorramabad, but no state official has publicly explained its existence.

In Iran, the government’s Working Group for Determining Instances of Criminal Content (WGDICC) is responsible for monitoring and censoring online content. However, Iranian courts have also ordered websites or apps to be blocked on several occasions.

The Prosecutor General’s Cyber Division Rapid Reaction Center could be the judiciary’s latest attempt to carry out these actions in a systematic way.

 

Spying on social media users

The regime’s massive cyberwar apparatus is run by the Revolutionary Guards (IRGC) and the Ministry of Intelligence (MOIS), which spend huge amounts of money from the assets of the Iranian people and employ thousands of IRGC members, Basijis, and hackers affiliated with them. Their goal is to mislead, spread misinformation, and prevent the free flow of information.

The agents of the MOIS and the Quds Force abroad are a major part of this cyberwar apparatus for spreading lies and deception. They pursue the regime’s objectives under various covers and titles, sometimes under the guise of opponents of the regime, misusing the internet and social networks and launching hundreds of websites in various languages.

The mullahs’ cyberwar machine has been organized into sets that are unrelated to each other and operate under different covers, so that the regime’s fingerprints are less visible.

The costs of running this network and its payments are handled in complex ways and through non-Iranian intermediaries, or at least outside of Iran, to circumvent international sanctions and restrictions. Recent research by international cybersecurity firms has shown that the source of all these covert accounts is Iran under the rule of the clerical regime.

In many cases, non-Iranian mercenaries of the Ministry of Intelligence and Quds Force, with completely Western culture, misuse political or electoral rivalries in these countries to carry out the dictated instructions of Tehran.

On the other hand, the Iranian regime has always sought to have access to sensitive private data and identify dissidents.

In this regard, it has filtered popular messaging apps, such as Telegram, forcing millions of users into indigenous platforms.

This is a grave security risk for millions of Iranian internet users, allowing authorities to access sensitive personal data and easily identify dissidents.

 

 

 
