April 7, 2016 Special Dispatch No. 6379

Former 'Al-Sharq Al-Awsat' Editor 'Abd Al-Rahman Al-Rashed On 'Iran's Cyber Crimes'

April 7, 2016
Iran | Special Dispatch No. 6379

Following the March 24, 2016 indictment of seven Iranian hackers for attacks on U.S. financial institutions and on the Bowmen Avenue Dam near Rye Brook, New York, 'Abd Al-Rahman Al-Rashed, former editor of the London-based Saudi daily Al-Sharq Al-Awsat, published an article on In the article, "Iran's Cyber Crimes," he lamented the fact that the Iranian regime itself was not being held accountable for these attacks, which were carried out by hackers tied to Iran's Islamic Revolutionary Guard Corps (IRGC), and also mentioned the 2012 Iranian cyber-attack on the Saudi Aramco oil company, claiming that it was an attempt to damage the Saudi economy. He also called for classifying such state-backed cyber-attacks as terrorism and prohibit them under international law.

Following is his article, which was published March 28, 2016:[1]

"If engineers at a dam in New York hadn't disconnected water gates from its electronic control center for maintenance work, a major disaster would have happened. On that day, hackers said to be belonging to the Iranian Revolutionary Guard managed to hack the dam's electronic control center in order to unlock its gates and drown the area.

"A court - which heard this case and other cyber-attacks targeting financial institutions - revealed dangerous plots to attack vital installations in the country.

"Unfortunately, only the direct perpetrators were accused in these cases and no charges were framed against the Iranian regime, which should have been held responsible for those attacks. Threatening action against regimes involved in cyber-attacks, whether Iranian or any other, builds deterrence against similar attacks in the future.

"However, this wasn't the only case of its kind. Other parts of the world have also come under similar attacks. The most dangerous was a similar group hacking the system of Saudi Aramco, which produces and exports the biggest quantity of oil in the world. Hackers tried to gain control of around 35,000 computers, which run the system. However the company quickly suspended most of its operations and regained control over the systems.

"Cyber-attacks are regarded as aggression by one country against another although it has not been categorized as such by international organizations such as the United Nations - though many agree that it is tantamount to dangerous crimes.

"American authorities have considered major cyber-attacks as terrorist operations and the U.S. federal grand jury accused the seven Iranian hackers of terrorism, the maximum charge which can be made against them. However, only the perpetrators stand charged and not those standing behind them. The hackers' cells usually work within a system linked to the Iranian security institution and it has several activities aimed at targeting vital institutions, like those related to oil, power, water and aviation, and even nuclear facilities, in countries, such as the U.S., which Iran considers hostile.

"Targeting civil facilities to sabotage them and harm civilians are acts of terrorism, prohibited internationally even in times of war. One of the cell members, Hamid Firoozi, attained information about water levels and managed to open the gates. If they were not manually deactivated the area overlooking the dam could have been drowned. If the U.S. prosecution had considered those inside Iran responsible for these cyber-attacks, and not just the seven individuals, a mechanism would have evolved to fight cyber terrorism.

"No information has been revealed about the Aramco incident, which took place in 2012. The damage was limited because the hackers targeted the company's administrative system and not the computers tied to oil production. Their aim was to hit Saudi Arabia's oil production and sabotage the company's facilities. The bigger aim was to hamper the Saudi economy.

"Two years ago, a report was released on organized cyber-attacks being carried out by groups linked to the Iranian Revolutionary Guard. These attacks targeted facilities in 16 countries, including American military zones. All these are terrorist activities planned by countries and not by independent terror cells or gangs. They should be categorized as per international law and their activities should be declared prohibited."


[1], March 28, 2016. The original English of the article has been lightly edited for clarity and standardization.

Share this Report: