Summary of Iranian Advanced Persistent Threat (APT) 34

I’ve been learning about Information Security recently and taken a keen interest in cyber threat intelligence. Here is a paper I recently wrote on an Iran hacking organization.

Introduction

Iran is a Middle East nation controlled by an Islamic government. Since 1979, Iran’s national strategy is to become a regional power in the Middle East. However, their political actions and rhetoric against Israel and the United States have often caused reaction, often to the point of offensive operations against Iran.

Due to its limited formal military power and its understanding of its enemies’ military and political capabilities, Iran often chooses to push its international agenda through proxies, sponsorships, and clandestine forces. These organizations have a worldwide reach. They range from the directly controlled (the Iranian Revolutionary Guard Corps) to opposition pseudo-governments (Hezbollah in Lebanon) to minority revolutionary groups (Houthis in Yemen).

Iran in Cyber Space

Given the low cost, high impact of cyber operations, Iran has become a prominent actor in cyber space. They are responsible for some of the largest nation-state level attacks in the last 10 years.
Iranian hacking started small, defacing websites and bulletin boards and propaganda .