News
Bethan McKernan
May 26, 2016
Getty
Iran's Islamic Revolutionary Guard Corps (IRGC), the country's ideologically driven militia, has a controlling stake in almost every aspect of Iranian society.
Since the election of political reformer Hassan Rouhani as president in 2013, how much power the IRGC still yields is under debate - but new attempts to undermine the Rouhani administration via hacking suggest they are as entrenched in Iran's political, economic and military structures as ever.
What's going on?
While the Revolutionary Guard has long targeted journalists and activists through basic hacking methods such as password phishing, emailed malware and intercepting text messages, in an unprecedented move, members of the reformist administration are now being targeted too, non-profit group the International Campaign for Human Rights (ICHR) in Iran says.
Iranian President Hassan Rouhani (C) with supporters in Tehran on February 11, 2014 (Picture: Atta Kenare/Getty Images)For example: during the recent parliamentary elections, dozens of targets were sent an email with a PowerPoint attached containing "urgent news" about the disqualification of the grandson of the late Ayatollah Ruhollah Khomeini from the elections.
When opened, the PowerPoint activated malware that sent the computer's information to IRGC hackers and effectively rendered it under their control.
Screenshot of hacker email, with malware attached (Picture: Supplied)The information gleaned from hacking electronic records and devices has been used on several occasions as evidence to arrest and detain the Guard's enemies. Hacking is also often deployed abroad.
The tactic is designed to dissuade human rights champions from their work by compromising their information, and also putting their contacts and correspondents at risk because of the security breaches.
So why are the IRGC hacking the Rouhani administration? And why now?
According to Hadi Ghaemi, Executive Director of the ICHR, there are two reasons: firstly, to scare off Rouhani's reformers from making contacts with activists both in Iran and the diaspora; and secondly, to identify new people who might not have previously been on their watch lists.
[The IRGC] have always wanted sanctions to be removed but in the long term they obviously have huge differences [with Rouhani's aims]. Domestically, they hope to isolate him. This will have serious consequences if it works.
The IRGC have been steadily building up their 'cyber army' for the last few years, Ghaemi says - and while they're no NSA or GCHQ, they are doing real damage.
A member of the IRGC stands guard in southern Tehran on February 1st, 2010 (Picture: Atta Kenare/Getty Images)Before the new wave of attacks began earlier this year there was evidence that Rouhani's efforts to encourage educated and relatively wealthy members of the diaspora to come home to help kickstart the country's economy were working.
There is a chilling effect, it creates an environment of fear, of knowing you're being monitored. It's designed to scare off civil society outside Iran.
The campaign estimates that the accounts of around 100 people in the Rouhani administration have been affected by phishing and other attacks in the last two years - which of course is amplified considering all of their contacts are now targets for the IRGC too.
The response from the Rouhani government, though, has been lacklustre to say the least.
There has been no official criticism of the attacks - and while the campaign and other freedom of speech organisations understand that publicly criticising the IRGC is challenging, they say worrying questions remain over how much meaningful progress Rouhani's government can achieve if the cyber attacks persist.
More: Everyone's talking about Telegram and Isis when we should be talking about Iran
More: A sanction-free Iran is about to go on a world-wide shopping spree
Top 100
The Conversation (0)