"Green Cyber Demonstration": World Solidarity with the Iranian Protestors


One aim: unite the world’s citizens of all origins, nationalities and horizons who believe in democracy and Human Rights, and who wish to express their support for the pro-democracy movement in Iran.

This initiative is completely independent, non-political and non-religious.

How to participate

- Join our group on facebook, flickr, add us on twitter & myspace

- make our logo your profile image on these social websites

- write a message of support as your headline & on our page(s)

- inform & send links to your friends & contacts

- write about this event in your blogs & websites, feature our image & add a link to us

- contribute to our webpage with comments, slogans, photos/videos/songs etc.

Facebook group: WWIran Facebook group
On twitter: WWIran Twitter
Myspace page: WWIran Myspace
Downloadable images on flickr: WWIran Flickr profile
Flickr group: WWIran Flickr group
YouTube Channel: WWIran YouTube

How you can make a difference

The pro-democracy protestors in Iran are isolated and vulnerable. A strong turn-out here is a means for us to support them in their battle & remind governments & official international bodies around the world to act in the best interest of these freedom-fighters.Iran has ratified both the Declaration of Human Rights (signed 1948) and the Nuclear Non-Proliferation Treaty (signed 1968). Let us show the world that human dignity and Human Rights are values that transcend frontiers, and that our leaders should use as much energy in defending Human Rights as they do the nuclear issue.

“A dictatorship is more dangerous than a nuclear weapon.”


As a result of the fraudulent Iranian presidential elections of the 12th of June 2009, millions of people took to the streets of Iran to protest against Mahmoud Ahmadinejad; demanding a new and democratic election. These brave protestors, comprising all generations, demonstrated pacifically but faced harsh repression from government forces resulting in beatings, deaths, arrests, torture, forced confessions and mock show-trials. Despite this repression, the protest movement has continued to grow and is known as the ‘Green Movement’ (read below: ‘Why Green?’). In spite of this repression, the pro-democracy protestors in Iran have continued their mobilisation; taking to the streets, infiltrating official marches and finding new means to express themselves such as via the internet - despite the huge risks, including for their lives (two young men arrested before the elections, Reza Ali Zamani and Arash Rahmanipour, were executed on the 28th January 2010, with more feared).

Why Green?

Green is the symbolic colour under which the pro-democracy protestors march in Iran - it is traditionally the colour of hope. Although the colour of the presidential candidate Mussavi in June’s fraudulent elections, the protestors have since made this colour their own and are commonly called the ‘Green Movement’, which has grown to become a spontaneous independent citizen’s movement demanding democracy for Iran. Green is now the colour of all those who march for democracy in Iran.

Sunday, 28 February 2010

Pulling the Strings of the Net: Iran's Cyber Army

by FARVARTISH REZVANIYEH, Tehran Bureau, 26 FEB 2010.
iranhackers.jpg[ overview ] During the past few months, the activities of Iran's Cyber Army have attracted growing notice in the Iranian and international media. The suspicion that the Cyber Army's constituent hacker groups are connected to the Iranian government was strengthened when, after several sites were hacked, they issued warnings to the Green Movement. 

The scope of the measures taken by the Cyber Army discredits the theory that a group of Ahmandinejad's admirers spontaneously carried out such acts. The nature of their communications and of the sites targeted for attack indicate that there are hidden hands that support the Cyber Army.

A review of the political messages published by the Cyber Army in recent months and official statements in its defense made by a government administrator of Iran's aviation industry prompt a closer examination of the group, which previous reports have claimed is composed of Russian hackers based outside of Iran. What, in fact, is the Iranian Cyber Army and where is it actually based? Before answering these questions, a summary look at recent incidents involving the group is in order.

Attack on Twitter
On the morning of Friday, 28 Azar 1388 (December 19, 2009), connections with the Twitter website were severed in some parts of the world, and those who tried to access it were transferred to a message in English that read:

U.S.A. Think They Controlling and Managing Internet By Their Access,
But They Don't, We Control And Manage Internet By Our Power, So Do Not
Try To Stimulation Iranian Peoples To....
Take Care.

Attack on Baidu
On the morning of Tuesday, 22 Dey 1388 (January 12, 2010), Baidu, the largest Chinese search engine, was hacked. A message posted on it read, "The Iranian Cyber Army has been launched in protest against intervention by foreign and Zionist sites in our country's domestic affairs and the spreading of lying and divisive news." A cyberwar between Iran and China quickly erupted. Internet bases of the Iranian government, including the official websites of the president and Supreme Leader, were disrupted by hackers referring to themselves as the Honker Union for China.

Attacks on Iranian Sites
On 10 Bahman (January 30), the Iranian Cyber Army hacked the website of Radio Zamaneh. The site's front page was changed to a picture of the Islamic Republic of Iran's flag accompanied by the slogans "Ya Hosein (aleihum salam)" and "Persian Gulf" and the following text:

If the Leader commands, we attack
If he asks, we sacrifice ourselves
If he wants us to be patient and steadfast
We will sit down and take it in stride.

On 23 Bahman (February 12), those who tried to access the site of Jaras News, which publishes reports on the Green Movement, discovered this message from the Iranian Cyber Army on its front page: "Out of respect for the referendum which was held on 22 Bahman and the people who voted and out of respect for the great nation and country named Iran ... do not be a tool of those who live safe and sound in America and are using you as a tool."

A Prank on the Iranian Cyber Army
On 16 Bahman (February 5), the website Khodnevis, administered by Nikahang Kowsar, published the following in its satirical column "False News":

In an amazing and unprecedented step, the Iranian Cyber Army hacked
the Mehrabad Airport portal so that those who try to access the site,
namely airport workers, are directed to the Raja Rail Company when
they type in its URL. It is said that the attack occurred in the early
hours of the night and continued into Saturday, confronting the airport
with a serious crisis. The sudden occurrence of dozens of air
accidents in the skies over Tehran as a result of the tower's air
traffic control communications systems' failure was considered the
most dangerous consequence of the attack, threatening the
capital of Iran. Although experts believe that the attack was committed by
mistake and the technical difficulties were fixed an hour later, the
Iranian Cyber Army, after hacking the Mehrabad portal, placed a flag
of the Islamic Republic of Iran with a blue stripe [instead of the
green that properly runs across the top of the tricolored flag], along
with a message reading, "The Iranian Cyber Army warns all mercenaries
who would sell out their country that they will not be safe even in
the skies."

This satire, based in part on the real message left by the Cyber Army when it hacked Radio Zamaneh, was soon picked up by various Iranian news sites. Within a few hours later, rumors had spread that the Iranian Cyber Army had mistakenly attacked a government website, for which the group was widely ridiculed. Although the report was soon eliminated from the various sites that had first taken it from Khodnevis, the rumor continued to spread, to the point that several large companies immediately contracted with Internet security groups to strengthen their website firewalls.

The Reaction of a Government Administrator
Two days later, on 18 Bahman (February 7), Morteza Dehqan, acting manager of Tehran's Mehrabad Airport, addressed a group of journalists concerning the rumor. In the process of denying that an attack had been made on the airport's site, he called the reports "news blackmail," saying:

When foreign agents failed to achieve their filthy ends after the
elections, they tried to concoct a conspiracy based on an attack on
Tehran's international airport in order to disrupt the country's
security atmosphere. No such attack occurred on the airport's
website's portal and this news is a pure lie from start to finish. It
is clear that the counter-revolutionary media has discovered the
Iranian Cyber Army's power and, out of fear of its power, wishes to
launch accusations through which it can divert public opinion.

Nikahang Kowsar, who had already explained on Khodnevis the satirical origin of the rumor, reflected on Dehqan's pronouncement: "When Mehrabad Airport's acting administrator denied the report about the attack on that airport's website, he defended the Cyber Army's record, and we realized that our fake news had done its job. An official officer of the Islamic Republic defended the Cyber Army in such a way that it seems that this group is led by the [ruling] system."

The Formation of the Iranian Cyber Army
During the past eight years, many groups of hackers have formed in Iran, the best known of which include Ashiyaneh, Shabgard, and Simorgh. These groups, seeking notoriety and in competition with each other, have attacked various websites with near-complete impunity.

As reports of infiltration into government websites increased, the intelligence agencies became interested in the power of hacking tools and initiated a concerted effort to identify and control those employing them. The cooperation of identified hackers was sought in order to pinpoint and counteract their rivals. Hackers were eventually enlisted to teach their techniques to military technicians.

The Ashiyaneh collective was one of the first to join the circle of government-affiliated hackers. The group, including some of the country's most skilled hackers, set about wrecking the sites of the Islamic Republic's opponents. Reports of its activities were published in government media, such as Voice and Vision, Kayhan, and IRNA.

Alongside the hacker group's activities, nominally private companies have been established whose primary duty is to recruit infiltrating forces, train military personnel in cyber attacks, and import technology for the operation from Dubai. Among the managers of these companies is the son of a senior security officer. Running a company established through the military budget, he has been busy recruiting expert Iranian infiltrators and has begun to accept cyberwar projects.

How Group Members Are Chosen
The plan for the formation of an Iranian Cyber Army was raised in the Revolutionary Guards in 1384 (2005). As opposition to the government spread, the process of its realization was accelerated. The Cyber Army has a human resources unit in charge of recruitment. When a professional hacker is identified, the unit contacts him and threatens him with imprisonment if he does not cooperate. Individual relationships and the flow of information are so tightly controlled that many participants are not even aware that they have been recruited as government collaborators and members of the Cyber Army. 
The talent level of the Cyber Army is very high, and its record indicates a technical capacity comparable to similar groups operated by the American and Israeli intelligence agencies. Indeed, the Cyber Army is overseen by many of the same people who run the Revolutionary Guards' official cyberwar defense operation, the Center for Struggle with Organized Cyber Crime.

In Ordibehesht 1388 (May 2009), the Fars news service reported that the American military and security foundation Defense Tech had declared Iran's cyber forces among the five most powerful in the world, based on figures received from the CIA. Defense Tech estimated the Iranian Cyber Army's budget at 76 million dollars, and confirmed that it is run by a group from the Revolutionary Guards' cyber supervision team.

A Short Time to Execute Instructions
Iran's Cyber Army has so far not breached the servers of the websites it has targeted, but has contented itself with simply stealing access to their domains. This method indicates the temporal limitations under which the group operates. In the past few months, they have carried out orders using methods that can be executed swiftly. In the attack on Twitter, they hacked the computer of one of the company's officers with a Trojan horse and were able, by utilizing his email, to reset the domain of his control panel. The method was similar to that used in an attack five years earlier on a NASA website by an Iranian hacker group. In attacking Jaras and other Iranian sites, the Cyber Army has employed the DNS cache spoofing technique to divert traffic from the intended domain.

Photo: Not to be mistaken for the Greens, "Iran's Cyber Army" touts a Gmail address and flies a green flag for Shia's arch-martyr Imam Hussein.

No comments:

Post a Comment