Cyberwarfare and Iran

Following directives from Iran's supreme leader Ali Khamenei after the October 7 attacks, cyber operations expanded, including joint efforts with Hezbollah.

Despite these advances, Iran's cyber capabilities still fall short of Israel's, with Iranian hackers' skills being likened to those of mid-level organized crime gangs.

[22] Reportedly a combined effort by the United States and Israel,[23] Stuxnet destroyed perhaps over 1,000 nuclear centrifuges and, according to a Business Insider article, "[set] Tehran's atomic programme back by at least two years."

The Iranian government has been accused by Western analysts of carrying out its own cyber-attacks against the United States, Israel and Persian Gulf Arab countries, but has denied this, including specific allegations of involvement in the 2012 hacking of American banks.

[85][86] In November 2024, ClearSky revealed that the Iranian APT TA455 was running a "dream job" malware operation that used methods shared with North Korean actors and targeted the US defence sector.

[87] Iranian state-sponsored hackers, identified as TA455 (also known as APT35 and Charming Kitten), have been conducting a cyber espionage campaign targeting the aerospace industry since September 2023, using tactics similar to those of North Korean threat actors.

TA455 employs Cloudflare to obscure its command-and-control domains and encodes command-and-control data on GitHub to blend in with legitimate web traffic, which makes its infrastructure difficult to track.

[88] The UK and US have jointly issued a warning about ongoing spear-phishing attacks conducted by cyber actors affiliated with Iran's Islamic Revolutionary Guard Corps (IRGC).

These sophisticated attacks target individuals connected to Iranian and Middle Eastern affairs, including government officials, think tank personnel, journalists, activists, and those involved in US political campaigns.

[98] Accounts were suspended for coordinated inauthentic behavior, which removed eight networks in recent weeks, including one with links to the Islamic Republic of Iran Broadcasting.

Cyberwarfare specialists of the United States Army's 782nd Military Intelligence Battalion (Cyber) supporting the 3rd Brigade Combat Team, 1st Cavalry Division during a training exercise in 2019