Today’s growing cyber warfare arms race calls for systematic, structured, and multidisciplinary enriched processes to anticipate, neutralize, and properly attribute an adversary’s strategic, tactical, and operational Computer Network Operation (CNO) capabilities, so that an adequate response can be formulated and executed on the basis of factual research answering some of the most relevant questions in the ‘fifth domain’ of warfare: who are our adversaries, what are they up to, when are they going to launch an attack against us, how exactly are they going to launch it, and what are they going to target first?
- Overview and In-Depth Analysis of Iran’s Most Popular Hacking Groups
- Personally Identifiable Information and Enriched OSINT Analysis
- Personal Photos of Iranian Hacking Groups’ Team Members
- Personal Group Photos of Iranian Hacking Teams
- Personal and Group-Published Hacking and Security Tools
- Analysis of Iran’s Cyber Academic Sector
- Social Network Analysis Maltego Graph
The primary Iranian hacking groups, including Web site defacement groups, analyzed in this report are:
- Ashiyane Digital Security Team
- Iranhack Security Team
- Iranian Datacoders Security Team
- Iran Security Team a.k.a. SEPANTA Team/Iran Cyber Army 2012/2013
- IDH Security Team
- Bastan Security Team
- NOPO Digital Security Team
- Shekaf Security Team
- Mafia Hacking Team
- Iran Black Hats Team
- Delta Hacking Security Team
- Digital Boys Underground Team
- IrIst Security Team
This qualitative analysis (45 pages) seeks to assess the Computer Network Operations (CNO) of the Islamic Republic of Iran through the prism of the adversary’s understanding of Tactics, Techniques and Procedures (TTP). It is a structured, geopolitically relevant, enriched OSINT assessment of their operations, consisting of interpreted hacking literature, videos, and custom-made hacking tools; extensive SNA (Social Network Analysis) of the country’s hacking ecosystem; and real-life personalization of the key individuals behind the groups (personally identifiable photos, personal emails, phone numbers, blogs, Web sites, social networking accounts, etc.). Its purpose is ultimately to empower decision and policy makers, as well as intelligence analysts, with recommendations for countering the Islamic Republic of Iran’s growing understanding and application of CNO tactics and strategies.
This report’s methodology relies on collecting, interpreting, and enriching factual data, and turning it into actionable intelligence, regarding the Islamic Republic of Iran’s academic incubators of the next generation of cyber warriors, Iran’s understanding and applicability of offensive information and asymmetric cyber warfare capabilities, and an in-depth assessment of the regime’s vast hacking community in the context of training and producing operational assets through large-scale educational, training, and socializing assets.
- Assessment of Iran’s understanding of offensive CNO (Computer Network Operations) in the context of information and asymmetric warfare
- Assessment of Iran’s Academic Incubators in the context of RMA (Revolution in Military Affairs), NCW (Network Centric Warfare), and CNO capabilities
- Assessment of Iran’s CNO-capable offensive hacking groups
The analysis also includes a direct and enriched Social Network Analysis Graph of all the currently active Iranian Hacking Groups using Maltego.