Iran's cyber police ready to patrol web

Iran's top police chief envisions a new beat for his forces: patrolling cyberspace.

Iran's top police chief envisions a new beat for his forces: patrolling cyberspace.

"There is no time to wait," Gen. Ismail Ahmadi Moghaddam said last week at the opening of a new police headquarters in the Shia seminary city of Qom. "We will have cyber police all over Iran." 

The first web watchdog squads are planned in Tehran this month — another step in Iran's rapidly expanding focus on the digital world as cyber warfare and online sleuthing take greater prominence with the Pentagon's new Cyber Command and the secrets spilled to WikiLeaks.

For Iranian authorities, mastering the intricacies of the web is seen as critical on two fronts: an offensive weapon against political opposition and a defensive shield to thwart cyber-attacks such as the Stuxnet computer worm that Iran said was aimed at sabotaging its uranium enrichment program.

The Revolutionary Guard — Iran's military-industrial powerhouse — is believed linked to the secretive "Cyber Army" that emerged as a counter punch against the onslaught of opposition websites and blogs after the disputed re-election of President Mahmoud Ahmadinejad in 2009.

Some Iranian lawmakers are now reportedly seeking a sharp boost in funding and recruitment to bring more hackers into the Revolutionary Guards paramilitary Basij corps, which is far better known for its storm trooper role against protesters. 

Early evidence

The suspected fingerprints of the so-called cyber army have already turned up in defacements against Twitter, the Chinese search engine Baidu and TechCrunch Europe, a blog covering web startups and related news.

The cyber army also has been blamed for blocking reformist sites and even hacking into the website of Farsi1, a popular television channel based in Dubai and owned by an Afghan media tycoon and Rupert Murdoch's News Corp. 

This week, the home pages of Hillsboro Beach, Fla., were hacked by someone who posted an Iranian flag and the mysterious words "MCSM Iran Hacking."

Iran, meanwhile, is trying to bolster its firewalls after the Stuxnet code was found in programs involved in its nuclear program. 

Iranian officials claim there were no setbacks in nuclear operations from the Stuxnet worm. But a November report by the UN nuclear agency said Iran's enrichment program was temporarily shut down in a possible link to the Stuxnet infiltration. 

International diplomacy

Washington and others worry that Iran could eventually produce nuclear material for warheads, but Iran insists it only seeks nuclear reactors for energy and research.

A secret U.S. diplomatic memo released this week by WikiLeaks — from a January 2010 meeting between German and U.S. officials — includes a recommendation that "covert sabotage," including explosions and computer hacking, "would be more effective than a military strike whose effects in the region could be devastating."

But Iran's intelligence minister, Heidar Moslehi, claimed in October that programmers had neutralized Stuxnet because of their "domination of virtual networks."

It's impossible to accurately weigh Iran's statements. But it appears that Iran has taken some initial steps, including efforts to install a system that immediately flags possible cyber-attacks, said an Israel-based computer security expert, Shai Blitzbau.

"It can monitor in real time all the abnormal activity in the networks," said Blitzbau, technical director for Maglan Group, an Internet security firm with offices in Europe and Israel.

The country's main police chief, Ahmadi Moghaddam, gave few details in his announcement last week. But he pointed out the need to stamp out web-based "defamation and mischief" — a clear reference to opposition websites and blogs that often serve as the crucial sources of information and tips because of restrictions imposed on foreign journalists.