Iran is recruiting a hacker army to target the U.S. power grid, water systems and other vital infrastructure for cyberattack in a future confrontation with the United States, security specialists will warn Congress Thursday.
“Elements of the IRGC [Iranian Revolutionary Guard Corps] have openly sought to pull hackers into the fold” of a religiously motivated cyberarmy, according to Frank J. Cilluffo, director of the Homeland Security Policy Institute at George Washington University.
Lawmakers from two House Homeland Security subcommittees will hold a joint hearing Thursday about the cyberthreat posed by Iran, as tensions over Tehran’s nuclear program continue at a high level, and a possible Israeli strike looms.
The Washington Times obtained advance copies of witnesses’ prepared testimony.
In his remarks, Mr. Cilluffo says that, in addition to the recruiting by the IRGC, another extremist militia, the Basij, “are paid to do cyber work on behalf of the regime, [and] provide much of the manpower for Iran’s cyber-operations.”
Both militias are believed to be under the control of Iran’s clerical leadership, headed by Supreme Leader Ayatollah Seyed Ali Hosseini Khamenei. Two Revolutionary Guard leaders have been indicted by U.S. prosecutors for their part in an alleged conspiracy to assassinate Saudi Arabia’s ambassador to the United States by bombing a prominent Washington restaurant.
“Over the past three years, the Iranian regime has invested heavily in both defensive and offensive capabilities in cyberspace,” states testimony from Ilan Berman, vice president of the hawkish American Foreign Policy Council, in his remarks for Thursday’s hearing.
Estimates of the skill level of Iran’s hacker army vary, but Mr. Cilluffo points out that there is a veritable “arms bazaar of cyberweapons” currently accessible through the Internet hacker underworld.
“Adversaries do not need capabilities, just intent and cash,” he states.
Mr. Cilluffo was recruited by former President George W. Bush on Sept. 12, 2001, the day after the terrorist attacks on the World Trade Center and the Pentagon. He helped set up the first Office of Homeland Security in the White House. He left for George Washington University in 2003.
In 2009, Iran’s nuclear program was attacked by a cyberweapon called Stuxnet. Although there is no definitive evidence of Stuxnet’s origins, Iran has blamed the United States and Israel and has been girding for a conflict in cyberspace ever since.
“For the Iranian regime … the conclusion [drawn from Stuxnet] is clear: War with the West, at least on the cyberfront, has [already] been joined, and the Iranian regime is mobilizing,” states Mr. Berman.
The tensions between Iran and the West have taken other unconventional forms besides cyberwarfare.
Iran claimed this month that it has been able to copy sensitive technology from a U.S. drone that crashed over its territory. It has also accused the United States and Israel of killing several of its nuclear scientists.
The congressional testimony comes as the world waits for the next round of talks about Iran’s nuclear program — which Tehran insists is for peaceful purposes — next month in Iraq.
The United States and other members of the U.N. Security Council are pushing Iran to end its program of uranium enrichment. In exchange, trusted third countries would provide fuel for its civilian nuclear program. Enriched uranium can be used as fuel, but it can also quickly be further enriched and used in a nuclear weapon.
As negotiators prepare for the next round of talks, the tightening screw of international sanctions and the still-looming threat of an Israeli military strike against Iran’s nuclear sites have provoked angry threats from leading figures in the Revolutionary Guards.
Mr. Cilluffo points out that “Iran is not monolithic: command and control there is murky, even within the IRGC [Revolutionary Guards], let alone what is outsourced.”
He notes that the Lebanese-based militant Hezbollah movement — which the Iranians have frequently used as a terrorist proxy — has begun recruiting its own cybermilitia of skilled hackers.
“Iran has a long history of demonstrated readiness to employ proxies for terrorist purposes,” Mr. Cilluffo’s testimony states.
“There is little, if any, reason to think that Iran would hesitate to engage proxies to conduct cyberstrikes against perceived adversaries.”
Those proxies could make it hard to prove that Iran was behind the attacks.
Mr. Berman’s testimony notes that an extremist newspaper affiliated with the Revolutionary Guards last year warned the United States to “worry about ‘an unknown player somewhere in the world’ attacking a section of [U.S.] critical infrastructure.”
In 2009 and 2010, a hacker group calling itself the Iranian Cyber Army attacked Twitter and the Chinese search engine Baidu, as well as Iranian websites belonging to the opposition Green Movement.
“In the event of a conflict in the Persian Gulf” attacks like that on Twitter “could provide Iran an avenue for psychological operations directed against the U.S. public,” states Mr. Cilluffo.
Such operations would aim at sowing fear and confusion by attacking systems Americans rely on in their daily lives.
In a Persian Gulf military standoff, Iran might also combine computer-network attacks against U.S. military information and communications systems with more conventional jamming techniques “to degrade U.S. and allied radar systems, complicating both offensive and defensive operations,” Mr. Cilluffo adds.
Some parts of the federal government, like U.S. Strategic Command and the State Department’s Nonproliferation Bureau, have begun to pay attention to the Iranian cyber threat, but no one in the administration is “tasked with comprehensively addressing the Iranian cyberwarfare threat,” Mr. Berman warns.
“The U.S. government, in other words, has not yet even begun to get ready for cyberwar with Iran,” he concludes.