Iran is recruiting a hacker army to target the U.S. power grid, water systems and other vital infrastructure for a cyberattack in a future confrontation with the United States, security specialists will warn Congress on Thursday.
“Elements of the [Iranian Revolutionary Guard Corps] have openly sought to pull hackers into the fold” of a religiously motivated cyberarmy, according to Frank J. Cilluffo, director of the Homeland Security Policy Institute at George Washington University.
Lawmakers from two House Homeland Security subcommittees will hold a joint hearing Thursday about the cyberthreat posed by Iran — as tensions over Tehran’s nuclear program continue at a high level and as a possible Israeli strike against it looms.
The Washington Times obtained advance copies of witnesses’ prepared testimony.
In his remarks, Mr. Cilluffo says that, in addition to the recruiting by the Revolutionary Guards, another extremist militia, the Basij, “are paid to do cyberwork on behalf of the regime, [and] provide much of the manpower for Iran’s cyber-operations.”
Both militias are thought to be under the control of Iran’s clerical leadership, headed by supreme leader Ayatollah Ali Khamenei. Two Revolutionary Guard leaders have been indicted by U.S. prosecutors in connection with a suspected plot to assassinate Saudi Arabia’s ambassador to the United States by bombing a prominent Washington restaurant.
“Over the past three years, the Iranian regime has invested heavily in both defensive and offensive capabilities in cyberspace,” states testimony from Ilan Berman, vice president of the hawkish American Foreign Policy Council, in his remarks for Thursday’s hearing.
Estimates of the skill level of Iran’s hacker army vary, but Mr. Cilluffo points out that a veritable “arms bazaar of cyberweapons” is accessible through the Internet hacker underworld.
“Adversaries do not need capabilities, just intent and cash,” he states.
Mr. Cilluffo was recruited by President Bush on Sept. 12, 2001, the day after the terrorist attacks on the World Trade Center and the Pentagon. He helped set up the Office of Homeland Security in the White House and left for George Washington University in 2003.
In 2009, Iran’s nuclear program was attacked by a cyberweapon called Stuxnet. Although there is no definitive evidence of Stuxnet’s origins, Iran has blamed the United States and Israel and has been girding for a conflict in cyberspace ever since.
“For the Iranian regime the conclusion [drawn from Stuxnet] is clear: War with the West, at least on the cyberfront, has [already] been joined, and the Iranian regime is mobilizing,” states Mr. Berman.
The tensions between Iran and the West have taken unconventional forms besides cyberwarfare.
Iran claimed this month that it has been able to copy sensitive technology from a U.S. drone that crashed over its territory. It also has accused the United States and Israel of killing several of its nuclear scientists.
In a statement released Wednesday night, Rep. Dan Lungren, California Republican and chairman of the cybersecurity, infrastructure protection, and security technologies subcommittee said that “if recent reports are accurate that Tehran is investing $1 billion to expand their cyberwarfare capabilities, Iran will be a growing cyber threat to our U.S. homeland.”
The congressional testimony will be presented as the world waits for the next round of talks about Iran’s nuclear program – which Tehran insists is for peaceful purposes – next month in Iraq.
The United States and other members of the U.N. Security Council are pushing Iran to end its program of uranium enrichment. In exchange, trusted third-party countries would provide fuel for its civilian nuclear program. Enriched uranium can be used as fuel, but it can also be further enriched quickly and used in a nuclear weapon.
“Tensions between the West and Iran are increasing over Iran’s illicit nuclear program, making the potential for an Iranian cyberattack against the homeland a real possibility,” said Rep. Patrick Meehan, Pennsylvania Republican and chairman of the counterterrorism and intelligence subcommittee, the other panel at Thursday’s hearing.
As negotiators prepare for the next round of talks, the tightening screw of international sanctions and the looming threat of an Israeli military strike against Iran’s nuclear sites have provoked threats from leading figures in the Revolutionary Guards.
Mr. Cilluffo notes that “Iran is not monolithic: command and control there is murky, even within the [Revolutionary Guards], let alone what is outsourced.”
He notes that the Lebanese-based militant Hezbollah movement — which Iran has frequently used as a terrorist proxy — has begun recruiting its own cybermilitia of skilled hackers.
“Iran has a long history of demonstrated readiness to employ proxies for terrorist purposes,” Mr. Cilluffo’s testimony states.
“There is little, if any, reason to think that Iran would hesitate to engage proxies to conduct cyberstrikes against perceived adversaries.”
Those proxies could make it hard to prove that Iran was behind the attacks.
Mr. Berman’s testimony notes that an extremist newspaper affiliated with the Revolutionary Guards last year warned the United States to “worry about ‘an unknown player somewhere in the world’ attacking a section of [U.S.] critical infrastructure.”
In 2009 and 2010, a hacker group calling itself the Iranian Cyber Army attacked Twitter and the Chinese search engine Baidu, as well as Iranian websites belonging to the opposition Green Movement.
“In the event of a conflict in the Persian Gulf,” attacks like that on Twitter “could provide Iran an avenue for psychological operations directed against the U.S. public,” states Mr. Cilluffo.
Such operations would aim at sowing fear and confusion by attacking systems Americans use in their daily lives.
In a Persian Gulf military standoff, Iran also might combine computer-network attacks against U.S. military information and communications systems with more conventional jamming techniques “to degrade U.S. and allied radar systems, complicating both offensive and defensive operations,” Mr. Cilluffo adds.
Some parts of the federal government, such as U.S. Strategic Command and the State Department’s Nonproliferation Bureau, have begun to pay attention to the Iranian threat of a cyberattack, but no one in the administration is “tasked with comprehensively addressing the Iranian cyberwarfare threat,” Mr. Berman warns.
“The U.S. government, in other words, has not yet even begun to get ready for cyberwar with Iran,” he concludes.