We assess that Iran likely will continue to rely primarily on proxy news websites and affiliated social media accounts to attempt sustained influence against US audiences, while we expect intermittent, issue-specific influence attempts via other means (e.g., e-mails). We base this assessment on Iran’s actions since at least 2008 to build and maintain vast malign influence networks anchored by proxy websites, as well as Iran’s attempts to find new avenues to re-launch established malign influence networks after suspension. Tehran employs a network of proxy social media accounts and news websites that typically launder Iranian state media stories (stripped of attribution), plagiarize articles from Western wire services, and occasionally pay US persons to write articles to appear more legitimate to US audiences.
Tag Archive for Iran
Federal Bureau of Investigation, Iran
FBI Cyber Bulletin: Website Defacement Activity Indicators of Compromise and Techniques Used to Disseminate Pro-Iranian Messages
Following last week’s US airstrikes against Iranian military leadership, the FBI observed increased reporting of website defacement activity disseminating Pro-Iranian messages. The FBI believes several of the website defacements were the result of cyber actors exploiting known vulnerabilities in content management systems (CMSs) to upload defacement files.
Department of Homeland Security, Iran, Lebanon
(U//FOUO) DHS Intelligence Bulletin: Worldwide Terrorist Operations Linked to Lebanese Hizballah or Iran
This Reference Aid examines tactics and targets garnered from a review of attacks or disrupted terrorist operations from 2012-2018 linked to either Lebanese Hizballah (LH) or Iran. It identifies behaviors and indicators that may rise to the level for suspicious activity reporting in areas such as recruitment, acquisition of expertise, materiel and weapons storage, target type, and operational security measures, which could assist federal, state, local, tribal, and territorial government counterterrorism agencies, law enforcement officials, and private sector partners in detecting, preventing, preempting, and disrupting potential terrorist activity in the Homeland. This Reference Aid does not imply these indicators would necessarily be observed or detected in every situation or that LH and Iran necessarily use the same tactics or demonstrate the same indicators. Some of these detection opportunities may come during the course of normal investigations into illegal activities in the United States such as illicit travel or smuggling of drugs, weapons, or cash, and lead to the discovery of pre-operational activity.
Federal Bureau of Investigation
FBI Cyber Bulletin: IP Addresses and Domains Used by Iran-Based Cyber Actors to Attack Victims Worldwide
The FBI assesses a group of malicious cyber actors—likely located in Iran—use Virtual Private Server infrastructure hosted in the United States to compromise government, corporate, and academic computer networks based in the Middle East, Europe and the United States. This infrastructure is used in conjunction with identified malicious domains to support a broad cyber campaign which likely includes the use of e-mail spear phishing, social engineering, and malicious Web sites (“watering hole attack”). These cyber actors almost certainly have been involved in this activity since at least early-2015.
U.S. Army TRISA Threat Report: Attacks Against the Iranian Nuclear Program
A 2012 presentation from the U.S. Army TRADOC G2 Intelligence Support Activity (TRISA) detailing a series of attacks on the Iranian nuclear program’s leading scientists and infrastructure.
Federal Bureau of Investigation
FBI Alert: Iranian Cyber Actors Targeting Defense Contractors, Schools and Energy Sector
A group of cyber actors utilizing infrastructure located in Iran have been conducting computer network exploitation activity against public and private U.S. organizations, including Cleared Defense Contractors (CDCs), academic institutions, and energy sector companies. The actors typically utilize common computer intrusion techniques such as the use of TOR, open source reconnaissance, exploitation via SQL injection and web shells, and open source tools for further network penetration and persistence. Internet-facing infrastructures, such as web servers, are typical targets for this group. Once the actors penetrate a victim network, the actors exfiltrate network design information and legitimate user credentials for the victim network. Often times, the actors are able to harvest administrative user credentials and use the credentials to move laterally through a network.
Iran, United Nations
Iranian President Hassan Rouhani Speech to UN General Assembly Transcript September 25, 2014
Extremism is not a regional issue that just the nations of our region would have to grapple with; extremism is a global issue. Certain states have helped creating it and are now failing to withstand it. Currently our peoples are paying the price. Today’s anti-Westernism is the offspring of yesterday’s colonialism. Today’s anti-Westernism is a reaction to yesterday’s racism. Certain intelligence agencies have put blades in the hand of madmen, who now spare no one. All those who have played a role in founding and supporting these terror groups must acknowledge their errors that have led to extremism. They need to apologize not only to the past but also to the next generation.
Iran, United Nations
Iranian President Hassan Rouhani Speech to UN General Assembly Transcript September 24, 2013
Our world today is replete with fear and hope; fear of war and hostile regional and global relations; fear of deadly confrontation of religious, ethnic and national identities; fear of institutionalization of violence and extremism; fear of poverty and destructive discrimination; fear of decay and destruction of life-sustaining resources; fear of disregard for human dignity and rights; and fear of neglect of morality. Alongside these fears, however, there are new hopes; the hope of universal acceptance by the people and the elite all across the globe of “yes to peace and no to war”; and the hope of preference of dialogue over conflict, and moderation over extremism.
Iran, United Nations
Mahmoud Ahmadinejad Speech to UN General Assembly Transcript September 26, 2012
Address by Mahmoud Ahmadinejad, President of the Islamic Republic of Iran, before the 67th session of the United Nations General Assembly on September 26, 2012.
Joint Improvised Explosive Device Defeat Organization
JIEDDO Report: Iranian Weapons Smuggling Activities in Afghanistan
This study investigates Iran’s strategy of smuggling weapons to Afghan insurgents. Based on the hypothesis that Iran utilizes its weapons smuggling networks as proxies to leverage against foreign threats with predictable results, this study will address Iran’s future weapons smuggling behaviors. Iran, like the United States, is a complex actor pursuing rational, national strategic objectives. The perceived dichotomy between Iran’s words and actions results in an atmosphere of suspicion surrounding Iranian motives that can potentially lead to unintended escalations between Iran and other nations. An increase in tensions between the U.S. and Iran, specifically over perceived threats to Iranian sovereignty, will be matched with an increase in the rate and quantity of weapons, an introduction of more capable weapons, or both. Given the elasticity of realizing strategic success by increasing the rate and quantity of weapons, Iran will likely attempt to quickly counter an imminent threat by deploying more destructive weapons comparable to those Iran supplies to Lebanese Hezbollah.
Afghanistan, Defense Intelligence Agency
Defense Intelligence Agency “The (New) Great Game” Regional Geopolitics Lesson
A Defense Intelligence Agency presentation concerning geopolitics in the region surrounding Afghanistan and Pakistan from February 2012.
International Atomic Energy Agency, Iran
IAEA Iran Making Nuclear Weapons Report November 2011
Previous reports by the Director General have identified outstanding issues related to possible military dimensions to Iran’s nuclear programme and actions required of Iran to resolve these. Since 2002, the Agency has become increasingly concerned about the possible existence in Iran of undisclosed nuclear related activities involving military related organizations, including activities related to the development of a nuclear payload for a missile, about which the Agency has regularly received new information.
Iran-Linked Saudi Arabian Ambassador Assassination Plot Criminal Complaint
Criminal complaint issued in the Iran-linked plot to assassinate the Saudi Arabian ambassador to the United States, USA vs. MANSSOR ARBABSIAR a/k/a “Mansour Arbabsiar” and GHOLAM SHAKURI a/k/a “Ali Gholam Shakuri”.
Iran, United Nations
Mahmoud Ahmadinejad Speech to UN General Assembly Transcript September 22, 2011
Who used the mysterious September 11 incident as a pretext to attack Afghanistan and Iraq, killing, injuring, and displacing millions in two countries with the ultimate goal of bringing into its domination the Middle East and its oil resources? Who nullified the Breton Woods system by printing trillions of dollars without the backing of gold reserves or equivalent currency? A move that triggered inflation worldwide and was intended to prey on the economic gains of other nations. Which country’s military spending exceeds annually a thousand billion dollars, more than the military budgets of all countries of the world combined? Which governments are the most indebted ones in the world?
Immigration and Customs Enforcement
ICE List of Specially Designated Countries (SDCs) that Promote or Protect Terrorism
The Department of Homeland Security Office of Inspector General issued a report in May 2011 titled “Supervision of Aliens Commensurate with Risk” that details Immigration and Customs Enforcement’s (ICE) detention and supervision of aliens. The report includes a list of Specially Designated Countries (SDCs) that are said to “promote, produce, or protect terrorist organizations or their members”. The report states that ICE uses a Third Agency Check (TAC) to screen aliens from specially designated countries (SDCs) that have shown a tendency to promote, produce, or protect terrorist organizations or their members and that the purpose of the additional screening is to determine whether other agencies have an interest in the alien. ICE’s policy requires officers to conduct TAC screenings only for aliens from SDCs if the aliens are in ICE custody.
Iran, United States
Taash Communications Network: Iranian Green Movement Support Plan
Among the lessons learned from the revolutions in Egypt and Tunisia is the value and affect of unencumbered access to information and communications technology (ISCT), including but not limited to independent information and social networking across multiple platforms, such as mobile, internet, web-based, and satellite broadcast. The current ICT available in and outside Iran remain largely silod platforms (i.e. lacking technology that facilitates convergence of information and interactivity). In general, the younger generation that support reform and actively oppose the regime from within have not been able to effectively access newer technologies or have been dissuaded from participating in communications programs operated by less legitimate traditional opposition parties from outside. Most these platforms are either state sponsored, like VOA and BBC, or are exile opposition websites and channels out of Los Angeles with a political agenda and low tolerance for alternative viewpoints. Most have failed to stay up to date with the language, trends, mentality, culture, and sociopolitical situation of the today Iran. The partisan nature of the older generation opposition groups further limit their ability to reach the younger demographic.
Iran, Open Source Center
(U//FOUO) Open Source Center Iran Social Networking Site Profile IrExpert.ir
IrExpert.ir is a Persian-language social networking site established as a forum for Iranian professionals and experts around the world. Similar in style to the popular international business social networking site Linkedin, IrExpert.ir serves as a platform for users to exchange ideas, foster professional relationships, connect with other colleagues, share information, and seekprofessional opportunities. Only limited information is available on the open social networking site, as the majority of content is retained in the password protected portal that can only be accessed by members. This report is based only on the information available to nonmembers.
Iran, Open Source Center
(U//FOUO) Open Source Center Iranian Internet War on Freedom of Information
For almost a decade, the Iranian regime and netizen activists have been engaged in a veritable war of attrition over freedom of information on the Internet. With at least tacit support from information technology businesses — whose interests are adversely affected by government controls and restrictions — activists have sought to exploit the Internet in order to share information and voice dissent. In turn, the authorities have been implementing plans to manage cyber activity by taking ownership of Internet infrastructure and by promoting the presence of their supporters and messages in cyberspace, while justifying their efforts on the grounds of morality and national security. Neither netizen activists nor the government are likely to win the battle over information flows in the near term, in part because of financial considerations and evolving technologies.
Iran Bushehr Nuclear Power Plant Reactor #1 Historical Imagery
Images from GeoEye. See also: Iran Nuclear Sites: Bushehr Nuclear Power Plant
Corporate, Department of Defense, United Kingdom
TRITON Intelligence Report: Iranian Support for the Afghan Taliban
In March 2010 Channel 4 News was shown a large consignment of weapons, reportedly destined for Afghan insurgents, which had been intercepted on the Iranian border in Herat province. The weapons seized included landmines, explosives, mortar rounds, RPG rounds and grenades as well as possible IED main charges in cooking pots and jerry cans. Some of the mines had Persian serial numbers. Afghan government records show that 10.5 tonnes of weapons from Iran were intercepted in Herat province during the previous 12 months and Afghanistan claims that 60% of the weaponry came directly from the Iranian government.
International Atomic Energy Agency, Iran
IAEA Report Alleging Iran’s Intention to Create a Nuclear Warhead
In order to confirm, as required by the Safeguards Agreement, that all nuclear material in Iran is in peaceful activities, the Agency needs to have confidence in the absence of possible military dimensions to Iran’s nuclear programme. Previous reports by the Director General have detailed the outstanding issues and the actions required of Iran,12 including, inter alia, that Iran implement the Additional Protocol and provide the Agency with the information and access necessary to: resolve questions related to the alleged studies; clarify the circumstances of the acquisition of the uranium metal document; clarify procurement and R&D activities of military related institutes and companies that could be nuclear related; and clarify the production of nuclear related equipment and components by companies belonging to the defence industries.
Iran Nuclear Site: Natanz Uranium Enrichment Site
Natanz (نطنز) is a hardened Fuel Enrichment Plant (FEP) covering 100,000 square meters that is built 8 meters underground and protected by a concrete wall 2.5 meters thick, itself protected by another concrete wall. In 2004, the roof was hardened with reinforced concrete and covered with 22 meters of earth. The complex consists of two 25,000 square meter halls and a number of administrative buildings. This once secret site was one of the two exposed by Alireza Jafarzadeh in August, 2002. IAEA Director General Mohamed ElBaradei visited the site on 21 February 2003 and reported that 160 centrifuges were complete and ready for operation, with 1000 more under construction at the site. Under the terms of Iran’s safeguards agreement, Iran was under no obligation to report the existence of the site while it was still under construction. There are currently approximately 7,000 centrifuges installed at Natanz, of which 5,000 are producing low enriched uranium.
Iran Nuclear Sites: Bushehr Nuclear Power Plant
The Bushehr Nuclear Power Plant (Persian نیروگاه اتمی بوشهر) is a nuclear power plant in Iran which is under construction 17 kilometres (11 mi) south-east of the city of Bushehr, between the fishing villages of Halileh and Bandargeh along the Persian Gulf. The nuclear power plant was planned to go on network in 2009. As late as November 28, 2009, the construction of the facility was said to be on schedule for completion.
International Atomic Energy Agency, Israel
Statement by Director General Israel Atomic Energy Commission To the International Atomic Energy Agency
Mme President, let me begin by congratulating you, on being elected President of the General Conference. I can assure you the fullest cooperation of the delegation of Israel, in carrying out your important and responsible tasks. I also wish to congratulate the kingdom of Cambodia and the Republic of Rwanda as new members of the Agency. Yesterday, the General Conference has confirmed Ambassador Yukiya Amano of Japan, to the most professional and distinguished post of IAEA’s Director General. Israel has known Ambassador Amano’s professional qualifications and personal integrity over the years, and looks forward to working with him in this new capacity. We wish Ambassador Amano much success in guiding the work of the Agency.