Iranian Spies Trained By Russia Hack State Department Officials After Arresting Dubai Executive, US Imagines

In many respects, 2015 has been the year of the cyberwars. 

Over the past nine months, Washington has gone out of its way to identify a list of hacker adversaries and predictably, The Pentagon has identified the “usual suspects” (so to speak). Apparently, China, Iran, Russia, and North Korea are behind the vast majority of the “breaches” and indeed, hacking has become one of the most contentious issues between Washington and Beijing. 

To recap, attacks emanating from China have allegedly resulted in the theft of a number of US corporate “secrets” not to mention all manner of sensitive data from the OPM. Meanwhile, “Russian crime syndicates” were blamed for burglarizing the IRS earlier this year while Washington pinned the blame on North Korea for a stunt that sabotaged a Seth Rogen and James Franco premiere.

Now, after the arrest of “an energy industry executive” named Siamak Namazi, in Tehran, the US says the IRGC has targeted Obama administration officials with an aggressive hacking campaign. WSJ has more:

Obama administration personnel are among a larger group of people who have had their computer systems hacked in recent weeks, including journalists and academics, the officials said. Those attacked in the administration included officials working at the State Department’s Office of Iranian Affairs and its Bureau of Near Eastern Affairs.


“U.S. officials were among many who were targeted by recent cyberattacks,” said an administration official, adding that the U.S. is still investigating possible links to the Namazi case. “U.S. officials believe some of the more recent attacks may be linked to reports of detained dual citizens and others.”


Friends and business associates of Mr. Namazi said the intelligence arm of the IRGC confiscated his computer after ransacking his family’s home in Tehran.



The IRGC cyberattacks are the latest sign that hard-line factions inside the regime, including the military and office of Supreme Leader Ayatollah Ali Khamenei, haven’t moderated their hostility toward Washington despite the landmark accord between Iran and six global powers including the U.S. Mr. Khamenei has repeatedly claimed in recent weeks that the U.S. was seeking to use the agreement, which constrains Iran’s nuclear program in exchange for the lifting of international sanctions, to undermine and weaken the country’s Islamist government.


The arrests of Mr. Namazi and a Lebanese businessman with a U.S. green card have sparked new criticisms from Congress of the nuclear accord.


Some lawmakers have called for the White House to ramp up sanctions on the IRGC, a move that Mr. Khamenei has said would violate the nuclear deal.


Computer experts have noted that by hacking a target’s contacts—particularly their social-media accounts—the number of people associated with that target can grow exponentially. If the target’s Facebook account has 200 friends, and each of those had 200 friends, a skilled hacker could potentially gain access to 40,000 users—even if most of them aren’t actually associated with the original target.


In so doing, the Iranian hard-liners could try to amass a case based on people with some digital affiliation to an individual who, in reality, are several times removed as friends of Facebook friends or followers of Twitter followers, according to computer experts.

Namazi is the head of strategic planning at Crescent Petroleum Company and according to a piece WSJ penned when he was arrested in October, the Namazi family - which owns an umbrella organization called Atieh that includes advisory groups for foreigners looking to crack the Iranian market - is "at the heart of efforts to link Iran’s economy with the outside world."

As The Journal goes on to document, Namazi's detention comes after the arrest and subsequent conviction of Washington Post Tehran Bureau Chief Jason Rezaian, who Tehran claims is (or at least "was") the head of a "spy ring." His family says the allegations are nonsense.

The IRGC has used cyberwarfare against other Iranian-Americans and people tied to them in recent years, including Washington Post Tehran Bureau Chief Jason Rezaian, according to family members.


In the days surrounding the journalist’s arrest in July 2014, Iran’s security services gained access to the social-media accounts of Mr. Rezaian and his Iranian wife. They tried to use the sites to communicate with third parties and connect them to their investigation, family members said.


“The Iranian security services attacked Jason’s and his wife’s computers both before and after they were taken,” said Ali Rezaian, the journalist’s brother. “Iranian authorities used Jason’s social media in an attempt to engage and entrap his friends.”

Obviously, the timing of Namazi's arrest raises a number of questions, as does the following passage:

U.S. officials say the IRGC has developed an army of cyberattackers, trained by Russia, who have focused on targets as varied as Wall Street banks, Saudi oil companies and both internal and external opponents of the regime. A spokeswoman for Russia’s Foreign Ministry denied Moscow trained Iranians in cyberwarfare and said such attacks are illegal under Russian law.

So, just as Iran is seeking some $100 billion in investment for its oil and gas industry, the IRGC has decided to arrest an executive with designs on channeling money into the country and then subsequently, Tehran allegedly used his computer to hack "Obama administration personnel." 

To be clear, we're not suggesting that this isn't a witch hunt orchestrated by the Ayatollah. Although geopolitical events that have unfolded over the past two decades certainly seem to suggest that siding with the Saudis and ostracizing the Iranians might have been a poor decision on Washington's part for all kinds of reasons, we'll be the first to admit that Namazi isn't likely to receive anything that even approximates a fair trial in connection with his "crimes." 

Still, it's interesting that all of this began to unfold less than 30 days after Russia began its air campaign in support of Iranian ground troops in Syria and now, the Western media claim the IRGC (which has fighters on the battlefield near Aleppo) has a team of hackers trained by The Kremlin who arrested a UAE executive (don't forget, the UAE has boots on the ground in Yemen fighting the Iran-backed Houthis) and subsequently used his computer to hack the Facebook pages of State Department officials. Or at least that's what the above seems to suggest.

In any event, there's no telling what's actually going on here and indeed we may never know the whole story, but it's worth reiterating that this was an executive who, according to what WSJ describes as an "Iran-focused" website, had become increasingly concerned with "gas matters." 

And we all know that when it comes to Mid-East current affairs, "gas" does indeed "matter."