Topic: Iran

    Asymmetric Warfare Group Iran Quick Reference Guide

    Since its inception in 1979, the Islamic Republic of Iran has repeatedly disrupted the stability of the Middle East and fostered terrorist threats throughout the world. Iran exploited the power vacuum which followed the Iraq War in 2003 and Arab Spring in 2011 to significantly extend its regional influence, primarily through the establishment of proxy groups and new relationships with existing regional terrorist groups. International sanctions against Iran, levied in response to Iran’s support for terrorism and nuclear activities, constrained Iran’s actions, but did not end them, nor did they stop Iran from enhancing its conventional military enterprise.

    (U//FOUO) DHS Bulletin: Online Foreign Influence Snapshot August 2022

    We judge that narratives driven by Chinese, Iranian, and Russian state media, and proxy websites linked to these governments, often involve fact-based articles as well as editorials; these publications may include misinformation, disinformation, or factual but misrepresented information. This monthly “Snapshot” compiles English-language narratives, which we assess are intended for US and Western audiences, and highlights both consistent trends and emergent messaging, which we assess to reveal foreign actors’ changing influence priorities. We judge that, typically, China uses state and proxy media—including US-based outlets—to try to shape diaspora conduct and US public and leadership views; Iran state media manipulates emerging stories and emphasizes Tehran’s strength while denigrating US society and policy; and Russia uses both state and proxy media to amplify narratives seeking to weaken Washington’s global position relative to Moscow’s.

    (U//FOUO) DHS Bulletin: Iranian Influence Efforts Primarily Use Online Tools to Target US Audiences, Remain Easily Detectable for Now

    We assess that Iran likely will continue to rely primarily on proxy news websites and affiliated social media accounts to attempt sustained influence against US audiences, while we expect intermittent, issue-specific influence attempts via other means (e.g., e-mails). We base this assessment on Iran’s actions since at least 2008 to build and maintain vast malign influence networks anchored by proxy websites, as well as Iran’s attempts to find new avenues to re-launch established malign influence networks after suspension. Tehran employs a network of proxy social media accounts and news websites that typically launder Iranian state media stories (stripped of attribution), plagiarize articles from Western wire services, and occasionally pay US persons to write articles to appear more legitimate to US audiences.

    FBI Cyber Bulletin: Website Defacement Activity Indicators of Compromise and Techniques Used to Disseminate Pro-Iranian Messages

    Following last week’s US airstrikes against Iranian military leadership, the FBI observed increased reporting of website defacement activity disseminating pro-Iranian messages. The FBI believes several of the website defacements were the result of cyber actors exploiting known vulnerabilities in content management systems (CMSs) to upload defacement files.

    (U//FOUO) DHS-FBI-NCTC Bulletin: Escalating Tensions Between the United States and Iran Pose Potential Threats to the Homeland

    This Joint Intelligence Bulletin (JIB) is intended to assist federal, state, local, tribal, and territorial counterterrorism, cyber, and law enforcement officials, and private sector partners, to effectively deter, prevent, preempt, or respond to incidents, lethal operations, or terrorist attacks in the United States that could be conducted by or on behalf of the Government of Iran (GOI) if the GOI were to perceive actions of the United States Government (USG) as acts of war or existential threats to the Iranian regime.

    (U//FOUO) National Counterterrorism Center Report: Envisioning the Emergence of Shia Homegrown Violent Extremist Plotters in the US

    We assess that a Shia homegrown violent extremist (HVE) attack in the US is highly unlikely absent a catalyzing event that could galvanize some US-based Shia to engage independently in violence. Given sustained bilateral US-Iran tensions, the occurrence of such a catalyst could prompt Shia HVE activity relatively quickly, underscoring the benefits of early engagement with Shia communities about indicators of HVE radicalization. Potential triggering events for such Shia HVE violence include US military action against Iran and Lebanese Hizballah, Shia leadership or senior clerics sanctioning violence in the US, prominent Sunni government attacks on Shia, or high-profile anti-Shia activity in the US, judging from the results of a structured NCTC brainstorming exercise.

    FBI Cyber Bulletin: IP Addresses and Domains Used by Iran-Based Cyber Actors to Attack Victims Worldwide

    The FBI assesses a group of malicious cyber actors—likely located in Iran—uses Virtual Private Server infrastructure hosted in the United States to compromise government, corporate, and academic computer networks based in the Middle East, Europe and the United States. This infrastructure is used in conjunction with identified malicious domains to support a broad cyber campaign which likely includes the use of e-mail spear phishing, social engineering, and malicious Web sites (“watering hole attack”). These cyber actors almost certainly have been involved in this activity since at least early 2015.