The latest purge of what Reuters called “coordinated inauthentic behavior” identified 2,632 pages across Facebook and the Facebook-owned photo-sharing site Instagram. As expected, the vast majority of these false or deceptive pages could be traced back to Russia, but 513 of them were reportedly rooted in the Islamic Republic of Iran. Hundreds of Iranian government-backed accounts were removed by Facebook in January, and the ongoing struggle between the platform and its infiltrators underscores the familiar observation that Iran’s cyberespionage and cyberterrorism capabilities are steadily growing.
This was the message, for instance, of a report release by the web security firm Symantec on Wednesday. As Security Week explained, the firm has been tracking the activities of an Iran-linked cyber-spying group since 2016 and has observed a wide range of attacks on government and private sector entities particularly in the United States and Saudi Arabia but also touching upon a number of other countries. The report explains in some detail the ways in which a group known as APT 33 has sought to install malware and gain remote access to target systems.
Meanwhile, Bloomberg identifies a related group, APT 35, also known as Phosphorus, that has taken separate online actions on behalf of the Islamic Republic in recent months. Highlighting the fact that the fight against those activities is not just being waged by the major social media companies, the report notes that Microsoft recently took control of 99 entire websites that had been used by Phosphorus as part of the coordinated effort to deceive well-connected web users and steal confidential information.
Microsoft representatives explained that traffic to those sites has now been redirected to a security repository, where it will help to develop a more sophisticated understanding of this and other Iranian hacking groups’ operations. But Symantec and other security experts tend to agree that those operations are still developing as operatives acquire more skills and technical knowledge both through native learning and through the sharing of information with other anti-Western entities.
Meanwhile, national security and geopolitics authorities like Strafor have come to the conclusion that the Iranian regime is substantially committed to the ongoing support of these and other techniques of asymmetrical warfare. In an update to a previous analysis of Iran-US relations, Stratfor explained that Tehran is unlikely to take seriously provocative steps in its foreign policy, despite recent militarist bluster. Fearing the potential of a heavy American response to direct threats, the regime is apparently focused on asymmetrical methods and may be expected to remain so until there is another change of leadership in Washington.
While hacking stands out as one such asymmetrical methods, more traditional global propaganda efforts may serve a similar role. A prominent coalition of democratic opposition to the Iranian regime, the National Council of Resistance of Iran, has suggested that this propaganda can be expected to proliferate unless actively opposed by the international community. This expectation stems not only from the aforementioned fears of Western retaliation but also from a situation of persistent unrest inside the Islamic Republic, which was rocked by the nationwide spread of anti-government protests at the end of 2017 and the beginning of 2018.
The NCRI issued a press release on Monday celebrating an apparent victory for its efforts to combat the spread of Iranian propaganda, specifically propaganda defaming the Iranian Resistance and the coalition’s leading constituent group, the People’s Mojahedin Organization of Iran. The statement described the content of a judicial ruling handed down in Germany against Der Spiegel magazine for a February article that conveyed false information and unsubstantiated rumors about a PMOI compound in Albania, where roughly 3,000 of the group’s activists settled after being relocated from their embattled residence in Iraq.
The judgment assessed a financial penalty on the magazine and ordered it to remove the offending content from its online publication. It also noted that proper journalistic principles had not been observed regarding the reporting of uncorroborated suspicions. In previous statements, the PMOI and NCRI have provided detailed arguments for those suspicions’ origin in the Iranian Ministry of Intelligence, known agents of which have secured publication in international media over the years, or have been cited as experts in the same.
While the court ruling against Der Spiegel seems to represent a significant development in the area of direct opposition to Iran’s attempted spread of misinformation, another recent story may be seen as demonstrating similar resistance to the regime’s efforts to suppress competing sources of information on a global scale. According to The National, a British broadcasting regulator has effectively rebuffed complaints by the Iranian embassy and other entities regarding a Persian-language television network’s coverage of a terrorist attack that targeted the Iranian Revolutionary Guard Corps at a military parade.
The regulator, Ofcom, did not dispute objections to the commentary that had been provided by a spokesperson for a group linked to those who claimed responsibility for the attack. But Ofcom also noted that this commentary was challenged by the network’s presenters and was counterbalanced by statements from those who had condemned the attack unreservedly, meaning that the objectionable comments were “justified by the context.”
The network in question, Iran International, began broadcasting less than a year ago but has already angered Iranian officials, according to The National. But Tehran has a long history of attacking foreign-based news outlets that focus on Iranian events and Iranian affairs, and this arguably supports the network’s claim that criticism of its coverage has almost entirely “emanated from the Iranian government or its publications or known supporters.”
In 2017, the regime made international headlines by freezing the assets of more than 150 individuals who had worked for or contributed to the BBC’s Persian service, which is officially banned in the Islamic Republic. The previous year, Iranian authorities arrested an Iranian-British dual national named Nazanin Zaghari-Ratcliffe and later sentenced her to five years in prison, apparently on the basis of her having previously been employed by the BBC, even though she did not serve a journalistic role.