This Reference Aid examines tactics and targets garnered from a review of attacks or disrupted terrorist operations from 2012-2018 linked to either Lebanese Hizballah (LH) or Iran. It identifies behaviors and indicators that may rise to the level for suspicious activity reporting in areas such as recruitment, acquisition of expertise, materiel and weapons storage, target type, and operational security measures, which could assist federal, state, local, tribal, and territorial government counterterrorism agencies, law enforcement officials, and private sector partners in detecting, preventing, preempting, and disrupting potential terrorist activity in the Homeland. This Reference Aid does not imply these indicators would necessarily be observed or detected in every situation or that LH and Iran necessarily use the same tactics or demonstrate the same indicators. Some of these detection opportunities may come during the course of normal investigations into illegal activities in the United States such as illicit travel or smuggling of drugs, weapons, or cash, and lead to the discovery of pre-operational activity.
FBI Cyber Bulletin: IP Addresses and Domains Used by Iran-Based Cyber Actors to Attack Victims Worldwide
The FBI assesses a group of malicious cyber actors—likely located in Iran—use Virtual Private Server infrastructure hosted in the United States to compromise government, corporate, and academic computer networks based in the Middle East, Europe and the United States. This infrastructure is used in conjunction with identified malicious domains to support a broad cyber campaign which likely includes the use of e-mail spear phishing, social engineering, and malicious Web sites (“watering hole attack”). These cyber actors almost certainly have been involved in this activity since at least early-2015.
A group of cyber actors utilizing infrastructure located in Iran have been conducting computer network exploitation activity against public and private U.S. organizations, including Cleared Defense Contractors (CDCs), academic institutions, and energy sector companies. The actors typically utilize common computer intrusion techniques such as the use of TOR, open source reconnaissance, exploitation via SQL injection and web shells, and open source tools for further network penetration and persistence. Internet-facing infrastructures, such as web servers, are typical targets for this group. Once the actors penetrate a victim network, the actors exfiltrate network design information and legitimate user credentials for the victim network. Often times, the actors are able to harvest administrative user credentials and use the credentials to move laterally through a network.
Extremism is not a regional issue that just the nations of our region would have to grapple with; extremism is a global issue. Certain states have helped creating it and are now failing to withstand it. Currently our peoples are paying the price. Today’s anti-Westernism is the offspring of yesterday’s colonialism. Today’s anti-Westernism is a reaction to yesterday’s racism. Certain intelligence agencies have put blades in the hand of madmen, who now spare no one. All those who have played a role in founding and supporting these terror groups must acknowledge their errors that have led to extremism. They need to apologize not only to the past but also to the next generation.
Our world today is replete with fear and hope; fear of war and hostile regional and global relations; fear of deadly confrontation of religious, ethnic and national identities; fear of institutionalization of violence and extremism; fear of poverty and destructive discrimination; fear of decay and destruction of life-sustaining resources; fear of disregard for human dignity and rights; and fear of neglect of morality. Alongside these fears, however, there are new hopes; the hope of universal acceptance by the people and the elite all across the globe of “yes to peace and no to war”; and the hope of preference of dialogue over conflict, and moderation over extremism.
Address by Mahmoud Ahmadinejad, President of the Islamic Republic of Iran, before the 67th session of the United Nations General Assembly on September 26, 2012.
This study investigates Iran’s strategy of smuggling weapons to Afghan insurgents. Based on the hypothesis that Iran utilizes its weapons smuggling networks as proxies to leverage against foreign threats with predictable results, this study will address Iran’s future weapons smuggling behaviors. Iran, like the United States, is a complex actor pursuing rational, national strategic objectives. The perceived dichotomy between Iran’s words and actions results in an atmosphere of suspicion surrounding Iranian motives that can potentially lead to unintended escalations between Iran and other nations. An increase in tensions between the U.S. and Iran, specifically over perceived threats to Iranian sovereignty, will be matched with an increase in the rate and quantity of weapons, an introduction of more capable weapons, or both. Given the elasticity of realizing strategic success by increasing the rate and quantity of weapons, Iran will likely attempt to quickly counter an imminent threat by deploying more destructive weapons comparable to those Iran supplies to Lebanese Hezbollah.
A Defense Intelligence Agency presentation concerning geopolitics in the region surrounding Afghanistan and Pakistan from February 2012.
Previous reports by the Director General have identified outstanding issues related to possible military dimensions to Iran’s nuclear programme and actions required of Iran to resolve these. Since 2002, the Agency has become increasingly concerned about the possible existence in Iran of undisclosed nuclear related activities involving military related organizations, including activities related to the development of a nuclear payload for a missile, about which the Agency has regularly received new information.
Criminal complaint issued in the Iran-linked plot to assassinate the Saudi Arabian ambassador to the United States, USA vs. MANSSOR ARBABSIAR a/k/a “Mansour Arbabsiar” and GHOLAM SHAKURI a/k/a “Ali Gholam Shakuri”.
Who used the mysterious September 11 incident as a pretext to attack Afghanistan and Iraq, killing, injuring, and displacing millions in two countries with the ultimate goal of bringing into its domination the Middle East and its oil resources? Who nullified the Breton Woods system by printing trillions of dollars without the backing of gold reserves or equivalent currency? A move that triggered inflation worldwide and was intended to prey on the economic gains of other nations. Which country’s military spending exceeds annually a thousand billion dollars, more than the military budgets of all countries of the world combined? Which governments are the most indebted ones in the world?
The Department of Homeland Security Office of Inspector General issued a report in May 2011 titled “Supervision of Aliens Commensurate with Risk” that details Immigration and Customs Enforcement’s (ICE) detention and supervision of aliens. The report includes a list of Specially Designated Countries (SDCs) that are said to “promote, produce, or protect terrorist organizations or their members”. The report states that ICE uses a Third Agency Check (TAC) to screen aliens from specially designated countries (SDCs) that have shown a tendency to promote, produce, or protect terrorist organizations or their members and that the purpose of the additional screening is to determine whether other agencies have an interest in the alien. ICE’s policy requires officers to conduct TAC screenings only for aliens from SDCs if the aliens are in ICE custody.
Among the lessons learned from the revolutions in Egypt and Tunisia is the value and affect of unencumbered access to information and communications technology (ISCT), including but not limited to independent information and social networking across multiple platforms, such as mobile, internet, web-based, and satellite broadcast. The current ICT available in and outside Iran remain largely silod platforms (i.e. lacking technology that facilitates convergence of information and interactivity). In general, the younger generation that support reform and actively oppose the regime from within have not been able to effectively access newer technologies or have been dissuaded from participating in communications programs operated by less legitimate traditional opposition parties from outside. Most these platforms are either state sponsored, like VOA and BBC, or are exile opposition websites and channels out of Los Angeles with a political agenda and low tolerance for alternative viewpoints. Most have failed to stay up to date with the language, trends, mentality, culture, and sociopolitical situation of the today Iran. The partisan nature of the older generation opposition groups further limit their ability to reach the younger demographic.
IrExpert.ir is a Persian-language social networking site established as a forum for Iranian professionals and experts around the world. Similar in style to the popular international business social networking site Linkedin, IrExpert.ir serves as a platform for users to exchange ideas, foster professional relationships, connect with other colleagues, share information, and seekprofessional opportunities. Only limited information is available on the open social networking site, as the majority of content is retained in the password protected portal that can only be accessed by members. This report is based only on the information available to nonmembers.
For almost a decade, the Iranian regime and netizen activists have been engaged in a veritable war of attrition over freedom of information on the Internet. With at least tacit support from information technology businesses — whose interests are adversely affected by government controls and restrictions — activists have sought to exploit the Internet in order to share information and voice dissent. In turn, the authorities have been implementing plans to manage cyber activity by taking ownership of Internet infrastructure and by promoting the presence of their supporters and messages in cyberspace, while justifying their efforts on the grounds of morality and national security. Neither netizen activists nor the government are likely to win the battle over information flows in the near term, in part because of financial considerations and evolving technologies.
Images from GeoEye. See also: Iran Nuclear Sites: Bushehr Nuclear Power Plant
In March 2010 Channel 4 News was shown a large consignment of weapons, reportedly destined for Afghan insurgents, which had been intercepted on the Iranian border in Herat province. The weapons seized included landmines, explosives, mortar rounds, RPG rounds and grenades as well as possible IED main charges in cooking pots and jerry cans. Some of the mines had Persian serial numbers. Afghan government records show that 10.5 tonnes of weapons from Iran were intercepted in Herat province during the previous 12 months and Afghanistan claims that 60% of the weaponry came directly from the Iranian government.
In order to confirm, as required by the Safeguards Agreement, that all nuclear material in Iran is in peaceful activities, the Agency needs to have confidence in the absence of possible military dimensions to Iran’s nuclear programme. Previous reports by the Director General have detailed the outstanding issues and the actions required of Iran,12 including, inter alia, that Iran implement the Additional Protocol and provide the Agency with the information and access necessary to: resolve questions related to the alleged studies; clarify the circumstances of the acquisition of the uranium metal document; clarify procurement and R&D activities of military related institutes and companies that could be nuclear related; and clarify the production of nuclear related equipment and components by companies belonging to the defence industries.
Natanz (نطنز) is a hardened Fuel Enrichment Plant (FEP) covering 100,000 square meters that is built 8 meters underground and protected by a concrete wall 2.5 meters thick, itself protected by another concrete wall. In 2004, the roof was hardened with reinforced concrete and covered with 22 meters of earth. The complex consists of two 25,000 square meter halls and a number of administrative buildings. This once secret site was one of the two exposed by Alireza Jafarzadeh in August, 2002. IAEA Director General Mohamed ElBaradei visited the site on 21 February 2003 and reported that 160 centrifuges were complete and ready for operation, with 1000 more under construction at the site. Under the terms of Iran’s safeguards agreement, Iran was under no obligation to report the existence of the site while it was still under construction. There are currently approximately 7,000 centrifuges installed at Natanz, of which 5,000 are producing low enriched uranium.
The Bushehr Nuclear Power Plant (Persian نیروگاه اتمی بوشهر) is a nuclear power plant in Iran which is under construction 17 kilometres (11 mi) south-east of the city of Bushehr, between the fishing villages of Halileh and Bandargeh along the Persian Gulf. The nuclear power plant was planned to go on network in 2009. As late as November 28, 2009, the construction of the facility was said to be on schedule for completion.
Statement by Director General Israel Atomic Energy Commission To the International Atomic Energy Agency
Mme President, let me begin by congratulating you, on being elected President of the General Conference. I can assure you the fullest cooperation of the delegation of Israel, in carrying out your important and responsible tasks. I also wish to congratulate the kingdom of Cambodia and the Republic of Rwanda as new members of the Agency. Yesterday, the General Conference has confirmed Ambassador Yukiya Amano of Japan, to the most professional and distinguished post of IAEA’s Director General. Israel has known Ambassador Amano’s professional qualifications and personal integrity over the years, and looks forward to working with him in this new capacity. We wish Ambassador Amano much success in guiding the work of the Agency.