Iran Hacks US Spy Sites

← Back to Stories (view on slashdot.org)

Posted by CmdrTaco on Monday March 15, 2010 @02:45AM from the because-they-can dept.

superapecommando writes "Iran's Islamic Revolutionary Guards Corps hacked into 29 websites affiliated with US espionage networks, Iran's semi-official Fars News Agency reported on Sunday. 'The hacked websites acted against Iran's national security under the cover of human rights activities,' Fars reported. It did not disclose details of the attacks. The Internet has been used by Iranian opposition groups who contested the results of last year's elections there to organize demonstrations and share information about protests and arrests. The Revolutionary Guards is a military group that was founded after Iran's 1979 revolution. The group includes conventional army, navy, air force, and intelligence units, as well as the Basij paramilitary force and various business units."

40 of 149 comments (clear)

Min score:

Reason:

Sort:

Not that I put a lot of trust in *our* reports by BadAnalogyGuy · 2010-03-15 02:49 · Score: 3, Insightful

I'm usually the first one to blame America when I see slanted reporting that seemingly puts our "enemies" in a very poor light, but this time I think we are looking at some pretty piss-poor Iranian folly.
Websites are passive. They respond to clients. They do not strike out on their own. So "hacking" them and shutting them down isn't really any sort of solution at all.
The Basij are a pretty rough security force compared to any typical military or paramilitary group. Despite their unprofessionalism, they are at the core of Iranian governmental security. They were instrumental in shutting down the election protests last year.
1. Re:Not that I put a lot of trust in *our* reports by nicolas.kassis · 2010-03-15 03:02 · Score: 3, Informative
  
  Well, I think what they were trying to prevent is those site providing information to the opposition inside the country. I don't think they meant attacking Iranian's IT infrastructure with websites. Just helping the opposition organize and give them information. In that sense I see why they would want to shut those sites down. On the other hand, I think those sites might be a good thing if they help the Iranian opposition group organize but I'm a biased westerner.
2. Re:Not that I put a lot of trust in *our* reports by NotBornYesterday · 2010-03-15 03:15 · Score: 5, Insightful
  
  Nice headline. These idiots make it sound like the Basji took down the firewalls at Langley and laid waste to the CIA's cyberwar infrastructure. More appropriate headline: "Iranian script kiddies take down website; blame US".
  
  --
  I prefer rogues to imbeciles because they sometimes take a rest.
3. Re:Not that I put a lot of trust in *our* reports by nomadic · 2010-03-15 04:51 · Score: 4, Insightful
  
  Nice headline. These idiots make it sound like the Basji took down the firewalls at Langley and laid waste to the CIA's cyberwar infrastructure. More appropriate headline: "Iranian script kiddies take down website; blame US".
  
  An even more accurate headline: "Iranian government takes down human rights websites, accusing them of 'espionage'."
Re:When are they by NotBornYesterday · 2010-03-15 02:59 · Score: 5, Informative

Who is the "they" you are referring to? Just to clarify, the Iranians themselves are claiming they hacked these sites, not the US.

--
I prefer rogues to imbeciles because they sometimes take a rest.
Re:Amazing by HungryHobo · 2010-03-15 03:01 · Score: 4, Informative

This still isn't a "cyberwar" this is just iran arresting human rights activists and calling them spies/traitor with a thin justification.
Anything governments try is still lost in the noise http://www.attrition.org/mirror/attrition/
Spy Websites?!? by nullhero · 2010-03-15 03:02 · Score: 3, Interesting

I thought the idea of being a spy was to stay hidden. Why would you have a site if you are a spy? Oh...I get it to prop up the idea of a cyberwar. So when you get hacked you can tell everyone , "See I told you it was true!". Of course my next question is for the Iranians: dude why would the United State operate a spy website? Do you really think that the US government would put sensitive info in a website? Of course we are talking about the United States so anything is possible.

--
Save Pangaea!! Stop Continental Drift!!
1. Re:Spy Websites?!? by HungryHobo · 2010-03-15 03:57 · Score: 2, Interesting
  
  I'm still thinking stenography over commonly used channels is still the least conspicuous way.
  I've spent the last few months working on a project that looks for manipulations in images and while it is possible to spot that some kind of stenographic message has been hidden in an image it's essentially impossible to differentiate between stenography and light manipulation(such as with photoshop or any tool which can blur/sharpen an image).
  At the very least they'd need a bank of computers the size of the moon to scan every image going in and out of the country for that kind of thing and the false positive rate.... well...
  Now given that the NSA has enough cryptographers to run rings around anything I can think of off the top of my head. At the very least I imagine they'd have a better system than logging on to a special website.
2. Re:Spy Websites?!? by sjames · 2010-03-15 04:12 · Score: 5, Informative
  
  They were only U.S. spy sites in the sense that officially no right thinking Iranian would be against the government, so it would have to be a CIA plot Q.E.D.
3. Re:Spy Websites?!? by GuruBuckaroo · 2010-03-15 04:33 · Score: 2, Informative
  
  Any serious spies are going to communicate through some deniable,encrypted,stenographic channel so my money is on these poor fuckers being genuine human rights activists who are just going to be called spies and shot.
  I think you meant steganographic there. Stenography is shorthand, steganography is hiding content in ways that hide the fact that there is hidden content at all.
  
  --
  Poor means hoping the toothache goes away.
4. Re:Spy Websites?!? by hey! · 2010-03-15 04:35 · Score: 3, Informative
  
  What they're talking about websites that are critical of human rights in Iran. Their contention is that all the bad news about Iran is a western psy-ops ploy.
  Calling such sites "spy websites" is not an oxymoron by any means. Spying isn't just about getting information; it's about planting disinformation too.
  The domains they are targeting mostly belong to one "KEYVAN RAFIEE", with a contact address in a small suburban condo building in Silver Spring MD. It is also the same address used for a small media production company. Some of the domains under that name have as contract address a private home in Woodland CA.
  Overall, this not inconsistent with this Mr. Rafiee being a private human rights activist, nor with him being a frontman for a US intelligence operation.
  That said, the most credible explanation is this is just disinformation on Iran's part. We've all seen the riots, which were definitely not staged. We've all heard the pronouncements of Mr. Ahmadinejad, which stink of propaganda. This does not mean *we* don't have our own propaganda, but it's clear that the Iranian government would try to portray any criticism as being from the CIA, especially given the CIA's unfortunate history in that country.
  
  --
  Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Re:Not 29 Web Sites by HungryHobo · 2010-03-15 03:04 · Score: 3, Insightful

Doesn't really matter, they could have been CIA fronts of they could have been genuine human rights stuff.
Either way the activists identified(or possibly spies) are going to be shot as traitors or spies.
Because US was using twitter as a weapon...? by ihatewinXP · 2010-03-15 03:05 · Score: 2, Interesting

Among other shady things we have been up to....
China (as well as Iran and Al-Jazeera) accused the US in state newspapers of using twitter to sow discord in Iran by creating accounts and distributing false information to get people whipped up during the protests. They even linked to a few of the particularly shady accounts that dont seem to really be people on the ground but gained thousands of followers by supplying news of people being shot in the street and leaders (falsely) being arrested.
It is no wonder that Iran and China have taken steps to limit the influence that the US can have in domestic affairs by simply creating a twitter troll account.
Information warfare on the web 2.0... Interesting stuff.

--
---- The real Slashdot is still here. You just have to browse at -1 to read the comments.
1. Re:Because US was using twitter as a weapon...? by HungryHobo · 2010-03-15 03:11 · Score: 2, Insightful
  
  There is no cyberwar but there is certainly a PR war.
Wordpress and/or plugin security issues? by dclozier · 2010-03-15 03:06 · Score: 2, Interesting

Considering some (all?) were using Wordpress the hacking may have been trivial depending on what plugins were in use. (or perhaps there is an unknown issue with Wordpress it's self)
There may not have been that much expertise needed in this "hacking".

http://74.125.95.132/search?q=cache:0KLjk6HUgUQJ:www.en-hrana.com/+EN-HRANA.COM&cd=1&hl=en&ct=clnk&gl=us&client=firefox-a
Worst summary ever by DJ+Jones · 2010-03-15 03:08 · Score: 4, Interesting
- A website is a passive entity that serves content; there's no such thing as a proactive-espionage-"attack" website. Grow up.
- They were Iranian human rights websites. The article says (in quotes) that the Fars news network drew a tie to US intelligence with no details to back up that claim.
- Fars news somehow linked this incident to other US funded groups that were arrested on a different occasion? with no citation.
First off, Fars news is the equivalent of Fox News in the US. They decide the news before it happens. Second off, the only thing worse than this crappy article with no references is CmdrTaco's poor summary of it that insinuates that the US was funding these sites even though the article says nothing about that being true.
1. Re:Worst summary ever by Sollord · 2010-03-15 03:26 · Score: 2, Informative
  
  As much as I dislike Fox News comparing them to fars news is just not fair.
2. Re:Worst summary ever by Anonymous Coward · 2010-03-15 03:37 · Score: 2, Funny
  
  As much as I dislike fars news comparing them to Fox News is just not fair.
3. Re:Worst summary ever by Low+Ranked+Craig · 2010-03-15 03:49 · Score: 3, Insightful
  
  Last time I checked Fars was the mouthpiece of the Iranian government, and Fox has been extremely critical of the current administration and congress. Your analogy is flawed. Also most of what is on Fox is commentary, not news. The "News" on Fox seems to be pretty much like the other news channels: sensational and fluffy with a sprinkle of pseudo-intellectualism.
  
  --
  I still cannot find the droids I am looking for...
4. Re:Worst summary ever by sjames · 2010-03-15 04:19 · Score: 3, Insightful
  
  Fox also decides what the news is rather than reporting it. They just happen to be attached to the Republican party rather than to the government in general.
5. Re:Worst summary ever by DJ+Jones · 2010-03-15 04:22 · Score: 3, Informative
  
  OK... and Fox News is the mouth piece of the Republican Party. The fact that Rupert Mudoch's media machine is openly against a democratic administration is not surprising to anyone. My analogy is not flawed, I merely alluded to the fact that the opinions put forth by both Fox News and Fars News are decided well before the facts are divulged. They are equivalent propaganda machines with heavy ties to one political party. Neither one can be considered a respectable "news" organization by any journalistic standards.
6. Re:Worst summary ever by Anonymous Coward · 2010-03-15 04:39 · Score: 2, Funny
  
  Hey Mr. Beck, how did you know it was me?! I guess our biases show. Things are going great over here. We killed another 500-1000 students today I think? I can't remember.. I usually stop counting after the first few hundred! Also we took down 12 US spy satellites, had a successful launch of a ICBM, and hacked into 142 websites run by US and Israel zionist spies. All in all I would say it was a great day.
7. Re:Worst summary ever by sjames · 2010-03-15 05:02 · Score: 2, Interesting
  
  I didn't say Fox is the only biased and inaccurate news out there. They're pretty much all screwed up one way or another. Fox just happens to be less subtle about it than some of the others. In the case of news that has no political spin value, they'll all spin it as sensational even if it's a non event.
  For example, Mir's gyrodynes failed, so it was rotating once every 90 minutes with respect to Earth. If it was critical, they could have used thrusters to correct it, but it wasn't worth the fuel. CNN called it "spinning wildly out of control".
8. Re:Worst summary ever by sjames · 2010-03-15 08:58 · Score: 2, Insightful
  
  It's amazing how much reality distortion can be created just by being selective in what is reported and what spin is put on it. "Man kills Seven in shootout" (While ducking to avoid a crossfire in a shootout the man stepped on some ants) or "LEAK DISCOVERED AT NUCLEAR PLANT" (in a toilet located in the administrative building).
  That's the problem, some (these days, most) news organizations don't just pick and choose just the stories, but what facts related to the stories that they report.
Not very impressive.. by Ziekheid · 2010-03-15 03:09 · Score: 2, Informative

Government related sites are hacked continously, it's just that only few stories actually arrive in "mainstream" media about it.
Have a look at the zone-h archive of defacements and note the number of .gov.X sites in the list: http://zone-h.org/archive/special=1
Flimsy excuse. by nten · 2010-03-15 03:15 · Score: 2, Interesting

It is only Iran saying that they were spy websites. Seems like a improvised excuse to censor their own populace to me. Not that they need an excuse, but excuses decrease the amount of resulting discontent. Just using the word "because" in a request has been shown to dramatically boost acquiescence. As has been discussed before, the young educated Iranians that tend to be the ones protesting are quite tech aware on average, it wouldn't surprise me if they set the sites up entirely themselves with no prodding. Iran is just as embarrassed about 'amateurs' making their jobs difficult as the superpowers are I'd guess. "Oh no! The sheeple can write html! We are doomed!"

--
refactor the law, its bloated, confusing and unmaintainable.
Bad Article Title by introspekt.i · 2010-03-15 03:15 · Score: 2, Informative

The title acts as if Iran actually did hack 29 US "spy sites" (wtf). Whether or not this is actually true remains to be seen. The article has a little trouble using quotations, or at least maybe that's how people do it in the UK? I don't mean that as an offense, but rather, in US papers we seem to pepper the articles with double quote marks.

It was not clear whether HRAI had ties to US intelligence organisations or whether the Fars report labeled them as such due to their apparent sympathy for opposition protesters. The Fars report did not tie any of the websites to a specific US government entity.
This article seems shoddy to me, as these claims are as of yet unsubstantiated. Why doesn't Iran use its magic firewall to block these sites instead of hack them? Smells like a publicity stunt against to me.
1. Re:Bad Article Title by rahvin112 · 2010-03-15 03:31 · Score: 5, Insightful
  
  The Iranian Government has been desperate to tie the current protests to US involvement. Without that connection they are beating up their own people, with the connection they are stopping "the great satan" from interfering in their internal affairs. I don't know why this surprises anyone, they put people to death a few weeks ago by saying they were working for the west. They are desperate to convince their own public that these election protests have been orchestrated by the US, in fact I would go so far as to say that the more paranoid members of their government are convinced of such and will do anything including manufacturing evidence of such to convince the general public they are right.
  If these protests are all internally comprised they are no better than the shah, and regardless of how they feel about things they don't want to have themselves compared to him. They greatly fear that what happened to the shah could happen to them, they must convince everyone that the US is involved so they justify their own repressive actions.
2. Re:Bad Article Title by LWATCDR · 2010-03-15 04:02 · Score: 2, Informative
  
  A terrible story with a terrible summary on the font page of Slashdot.
  So what else is new?
  Really I tend to give the slashdot some slack but this is just terrible. I mean really what are they thinking. And yes I know CW posted this trash but Slashdot doesn't have to repeat it.
  
  --
  See my blog http://ilovecookes.blogspot.com/ for light hearted technical information.
Re:Not 29 Web Sites by Critical+Facilities · 2010-03-15 03:15 · Score: 4, Interesting

I wouldn't be surprised if they were CIA fronts
That would surprise me. What wouldn't surprise me is if the 29 domains are all linked to the Iranian government. I think this is a ruse, designed to create the illusion that the Iranian government is a) capable enough to pre-emptively strike its "cyber attackers and b) to paint the Iranian government as a victim of attack, as opposed to the attacker.
Softhack by nten · 2010-03-15 03:23 · Score: 3, Interesting

So one side hacks computers because the other side is using computers to hack brains. I don't consider that just cause. Humans have built in firewalls against BS. Yes they can be overcome, but generally that is called persuasion, or deception depending on the validity of the information being uploaded. And keeping your populace sheltered from the outside might prevent the internet from hacking them, but in face to face conversations they will be even more vulnerable due to their ignorance.
On the bright side, I can't wait to watch the wars between cognitive dictatorships once we all upload.*
* Yes someone *has* been reading too much Stross.

--
refactor the law, its bloated, confusing and unmaintainable.
Re:When are they by Frosty+Piss · 2010-03-15 03:27 · Score: 2, Insightful

The 29 websites were identified in a statement (in Farsi) released on a website operated by the Revolutionary Guards.
Most of these sites redirected to one site. But in all cases, they are minor sites run by random people, just like 1,000,000,000's of others on the Interwebs with negligable or non-existent "security". These are mostly "here today, gone tomorow" type web sites. This hardly qualifies as serious hacking of secure government-backed web sites.

This is what's called "propaganda".

--
If you want news from today, you have to come back tomorrow.
I don't get these hacks by medv4380 · 2010-03-15 03:28 · Score: 2, Interesting

Why are all these government spy groups in China and Iran using traceable IP's? Why not just send their spy to any place in the EU or US with enough money to buy a laptop with a wireless connection and do their hacking by hopping on unencrypted wireless networks? It's like spy's are getting ultra lazy and sloppy. Like with the assasination in dubi a few weeks back. Why were the spys caught on camera? Didn't it dawn on them they they should have taken out the camera system to cover their tracks so that no one would know. Instead we have them playing James Bond in plain view of the camera. Espionage is about doing things that don't lead back to you and leaves doubt about who did it and why. Malicous Hacking tip 101 Don't use your own IP address to do any hacking.
Re:Amazing by badboy_tw2002 · 2010-03-15 03:40 · Score: 3, Insightful

FTFA:
----------
Human Rights Activists in Iran (HRAI). Information previously available on the site included a report on 400 Iranian opposition protesters that were arrested on 4 November, 2009, an Iranian holiday that marks the anniversary of the 1979 takeover of the US Embassy in Tehran, according to a cached version of the site.
It was not clear whether HRAI had ties to US intelligence organisations or whether the Fars report labeled them as such due to their apparent sympathy for opposition protesters. The Fars report did not tie any of the websites to a specific US government entity.
This is not the opening salvo of a cyber war you were looking for, move along.
----------
Its of course plausible that these were CIA fronts, but I'm going to go with "excuse to silence some critics", much like how they say every single one of the millions of protesters in Iran is a paid US operative dedicated to overthrowing the perfect religious dictatorship that no one would possibly be unhappy with.
Re:Amazing by HungryHobo · 2010-03-15 03:48 · Score: 3, Interesting

The military of a foreign government, with whom we have had less than cordial relations for at least 30 years, hacked some websites.
They claimed they were US spy websites.
They then proceeded to round up a bunch of people they didn't like and called them spies.
I'd call this business as usual in *insert oppressive nation*.
I'd question why the hell the Intel community would use open websites and specifically open websites which keep logs or in other way keep lists of all operatives.
The NSA has more cryptographers working for them than any other body on earth and you think they couldn't come up with a decent deniable, secure stenography scheme?
If you want to let someone communicate securely from inside hostile territory you don't give them a login to ultraspies.com and let the local government see their unusual connection to that site every week.
You hide your encrypted messages stenographically inside some lolcat pictures on some happy little facebook channel for people who love knitting.
(assuming you can find your arse with both hands and there is always the chance that the NSA and CIA can't manage that).
I'd say there's not much chance that the people arrested are any kind of real spies.
Re:Amazing by Trails · 2010-03-15 04:02 · Score: 2, Insightful

Mod parent informative please.
Just because Fars said it was a "us spy website" doesn't make it so, and in fact should lead one to believe it probably wasn't.
you mean "ALLEGED" by wisebabo · 2010-03-15 04:02 · Score: 5, Insightful

Never have I seen an article title more in need of the word "Alleged"
As in: Iran Hacks ALLEGED US Spy Sites
Like you are going to believe that "Iran's semi-official Fars News Agency" isn't going to make unsubstantiated claims? (I know double negative, but here it ain't wrong).
1. Re:you mean "ALLEGED" by GuruBuckaroo · 2010-03-15 04:26 · Score: 2, Interesting
  
  Not to mention "Claims". Proper headline, knowing where this article comes from, should be:
  Iran Claims it has hacked Alleged US Spy Sites
  Geez. This is like people believing the USSR's Pravda back in the Cold War.
  
  --
  Poor means hoping the toothache goes away.
Re:When are they by pcolaman · 2010-03-15 05:11 · Score: 2, Funny

Perhaps you should read the article.
You are new here, right? Let me show you around...
When does hacking become an act of war? by Japher · 2010-03-15 07:26 · Score: 2, Interesting

At some point (I think we're already there) our computer infrastructure becomes so important to a nation that a cyber attack could be construed as an act of war. I wonder how long it will be before we see a physical military response to a cyber attack. We've already seen evidence that China attacked Google's corporate infrastructure a few months ago. Is this really all that dissimilar than Chinese agents coming to the US and physically breaking into Google's buildings? To relate things to the article, if it could be shown that Iran was indeed attacking CIA sites, would the US be justified in bombing Iranian intelligence facilities? Just some food for thought.