Iran has claimed it has uncovered details of a recent cyber attack on the municipality of Tehran – but no information was lost due to the attack.
The claims were made in an article at Iran’s Tasnim News and are based on comments by Brig.-Gen. Gholam Reza Jalali, commander of the Civil Defense Organization. In 2019 he said that, “in the area of such threats, we have achieved remarkable capabilities and can easily thwart these types of attacks.” He warned back in 2017 about US cyber threats to Iran.
The overall context of Jalali’s comments is not clear. He has said in the past that countries in the region are “plotting against the country to hit its cyber infrastructure.” Cyber warfare has increased in general in the region. Iran has been affected in the past, claiming cyber attacks on a port.
There are 51 cities in the country with more than 200,000 residents, he said, and they coordinate on urban defense plans. He has stressed the importance of new laws as well, hoping to improve security and put a priority on civil defense.
Cyber knowledge
Jalali also stressed the importance of information technology, which has seen “explosive” growth in recent years, saying that it “has brought with it advantages, threats and disadvantages.” Foreign countries that are better at cyber than Iran can “take advantage of this against the country,” Jalali said.
“The fact is that the development of cyber knowledge has led to the emergence of new concepts such as cyber warfare.” This is “a war that has developed in various fields, especially in recent years, that has created new patterns of war,” he said. “For example, we see the use of cyber capabilities in military warfare, which has completely changed the field of war compared to the past.”
This is important. He referenced previous computer virus threats, such as Stuxnet, more than a decade ago. He noted the damage to Natanz from the virus. “Infiltrating infrastructure, hiding, spreading, gathering, collecting and sending information, receiving demolition orders and carrying out demolition, these capacities have led to the emergence of a new and advanced model of cyber threats in the form of cyber infrastructure warfare.”
THE CIVIL DEFENSE commander also noted the importance of “arming social networks, [which] is another type of new cyber war.” He said that “in attacking the country’s fuel management system, we saw a combined model of cyber warfare aimed at attacking infrastructure, cutting off services and generating insecurity. Cyberspace in particular affects users by changing and affecting minds, perceptions, beliefs, values, memory and decision-making systems.”
The Iranian officer said that each country now faces threats, which are “in proportion to its assets in cyberspace” and they are “exposed to threats in this area, of course, with different patterns… we are witnessing two types of attacks in the field of cyber.” This includes devices being affected and also cyber “weapons” which are “designed for accurate, specialized and destructive attacks. Our enemies, such as the United States and the Zionist regime, are threatening Iran with cyber-attacks in their open and official strategies.”
Jalali says that the first purpose of recent threats to Iran is to cut off services to the public. “The second goal is to magnify the effect of the cut-off service on the minds of the people and the third is to assess the security effect of this magnification on the people.” This means that cyber threats can also mean spreading information against the regime and cause people to spread rumors, meaning that “the people themselves will help to facilitate the passage of the crisis.”
He accused the previous government of being “lazy” in managing cyberspace. “We believe that in such an environment, we need law and regulation, because this vulgarity [laziness] results in nothing but harm to the national interest.”
Jalali claimed that in recent years there have been 200 cyber drills in the country. He has attempted to protect all the infrastructure of Iran. “Because municipalities all over the world are obliged to provide easy services to citizens, they do not use sophisticated security systems and much of the information at their disposal lacks information classification,” he said.
When Tehran’s municipality was affected, Iran’s cyber defenders had to temporarily stop services for several hours to try to detect what was wrong. “In the meantime, some of the city traffic cameras that had problems due to the virus, quickly returned to service by detecting the virus and cleaning the systems.” He claims that no information was lost.
The civil defense head called for the government to recognize the threats and implement the proper support for the civil defense organization.