Iran responds to Stuxnet by expanding cyberwar militia

13-million-person paramilitary will include increasing effort at cracking

The search for the source of the Stuxnet worm attack that appears to have been aimed at Iran's nuclear development projects is no closer to a conclusion than it was in October, though the list of A-list culprits has expanded to include China.

Faced with damage to its nuclear facilities, bomb attacks on leading nuclear scientists and continuing international opposition to its nuclear ambitions, Iran has responded by creating a cyberwarfare militia.

In a Nov. 29 article, the Iran newspaper (it's in Persian, so I'm taking Forbes' word for it) mapped out the government's desire to recruit 1.5 million more young Iranians for the national militia, many of whom would be recruited specifically for cyberwarfare.

The cyberwar group would be part of Basij (short for "Mobilization of the Oppressed"), a volunteer group created in 1979 by the Ayatollah Khomeini that now totals as many as 13 million young Iranians who join out of patriotism or in exchange for official benefits.

The paramilitary group is subordinate to the Iranian Revolutionary Guards that form the core of Iran's military, but operates in a much less official capacity.

Both Basij and the IRG have been involved in cyberwar in the past, presenting it as another way to defend Iran against vastly more powerful Western forces.

According to a May 21 article in the English-language version of the nationalist People's Mojahedin Organization of Iran, Basij had set up an investigative and cyberwar wing to strike back:

"On November 26, 2008, the state-run Fars news agency published an interview with Hamid-Reza Khaksar, Head of Bassij Public Relations. Khaksar referred to the Bassij Force’s cyber activities, saying, “Today, the enemy has infiltrated our cyber borders which encompass the internet, TV, and other media. The most suitable people for defending these borders are the Bassij forces.” He added, “There have either been no intelligence and operational bases established in these cyber borders or they have been set up late. That is why the enemy can currently do whatever it wants.”"

So far neither the old nor the new Basij cyberwar forces have made much impact, but Iran is far from the only comparatively small country using cyberwar units to strike back at those that are militarily more powerful.

In 2007 Estonia launched a cyberwar against Russia using a volunteer organization called the Cyber Defense League.

Georgia has also joined in the fun against its former Soviet comrade. Russian organized crime and paramilitary groups have fought back, expanding the aggression to attack Kyrgyzstan.

Pakistan and India cyberwar back and forth across their digital border.

Though troublesome, none of the online warfare has turned into a serious international conflict.

That might be because of their relatively narrow targets, though in March the greatest holdup for Basij's efforts appeared to be money.

The U.S. military has its own cyberwar and counter-terrorism groups, as do China and other major powers. In mid-2010, al Qaeda launched online attacks on U.S. bases in Afghanistan.

Recruiting extra militia from Boy-Scout-aged Iranian patriots seems like overkill, considering all the other cyberwarriors already heating things up online.

So far, though, Stuxnet is still the only major attack that was able to expand its impact into the real world, rather than hitting only the kind of online resources that come down in the face of DDoS and other attacks.

Until and unless we see more of those, I'm not going to worry much more about Iran's cyberwar than I would about all the other hackers, malware creators, botnet generals and trolls of other kinds.

Our military has been turning the Internet into a dangerous place for enemies of the U.S. for longer and far more effectively than the enemies have been doing it to us in return.

Having Iran ramp up its online coterie a bit won't make much difference in the long run for the U.S., given how quickly the whole Internet is turning into a free-fire zone anyway.

Kevin Fogarty writes about enterprise IT for ITworld. Follow him on Twitter @KevinFogarty.
