The hacking was no surprise, but the fact that the Pasdaran would boast of high school hijinks raised questions about the sophistication of the organization.
Ali Saeedi-Shahrudi, the representative of the Supreme Leader to the Pasdaran, told the state news agency, “The hacking of a VOA homepage by the Iranian Cyber Army and leaving a message on the site for the American secretary of state shows the power and capability of the Pasdaran in the cyber arena. The United States can no longer claim that it is the bellwether of software and cyber technology.”
Since the announcement of the hacking was made by the Supreme Leader’s appointee, it served to elevate the incident of hacking above the Pasdaran and suggest it had the approval of Supreme Leader Ali Khamenehi.
The attack struck the main VOA site plus as many as 95 other VOA websites on February 21. The VOA did not say how many hours it took to restore normal service.
Shahrudi said, “The Americans enjoy high capabilities in missile technology, including cruise missiles, nuclear arms and other weapons, but that is not the case when it comes to software and cyber technology.”
He seemed to think that a simple hacking, which anyone with a reasonable knowledge of computers can carry out, demonstrated some high level technical accomplishment by the Pasdaran.
The attack last Monday was the type called Domain Name System (DNS). Under such an assault, the hacker takes over a website’s address and redirects all traffic to it to another site. In this case, people looking for VOA were greeted by a colorful poster headlined, “We have proven that we can,” which would sound to Americans like a Democratic rejoinder to President Obama’s 2008 campaign slogan, “Yes, we can.”
The text continued in very broken English, “Mrs. Clinton Do you want to hear the voice of oppressed nations will from heart of USA ? Islamic world doesn’t believe USA trickery . We call on you to stop interfering in Islamic countries .”
This is not the first time that the Iranian Cyber Army has launched a hack attack. But it is the first time it has been formally linked to the Pasdaran by the Pasdaran itself—a fact that could cause some problems for the Pasdaran.
In January 2010, the Iranian Cyber Army hacked Baidu, China’s main search engine and competitor to Google. That prompted the Iran Times to speculate that the hacker might not be Iranian at all since there was no reason for Iran to target a purely Chinese institution. Now the Chinese government might want some answers from Iran.
In December 2009, the Iranian Cyber Army attacked the Twitter website. It took Twitter five hours to restore service to normal.
At that time, a source close to the U.S. Department of Homeland Security said the Iranian government was probably not involved because the breach was so unsophisticated. James Lewis, a member of a cyber security think tank effort for the Center for Strategic and International Studies, said the attack might have come from a group sympathetic of Tehran’s regime. “This is ham-handed so it’s probably not the Iranian government,” Lewis said in a statement.
Now the Pasdaran have ended the mystery.
The other main type of unsophisticated attack on a website is called Denial of Service. In those attacks, hackers direct so much traffic at a site that its server is overwhelmed. In effect, access to the targeted site is jammed.
Neither kind of attack takes much skill. It isn’t clear what the Pasdaran thought it would gain by boasting of its mastery of what are essentially sandbox-level computer skills. It is possible the ignorance was on the part of Shahrudi and not the Pasdaran’s cyber attackers, and that he boasted without realizing the embarrassment he has now caused.
The VOA said the website attack was the latest example of interference from Iran. Its satellite broadcasts into Iran have been hit in recent months with extensive jamming, which involves more skill than the website hackers.
A week before the website attack, Radio Farda faced a denial of service attack on its phone lines in which automated calls clogged Radio Farda’s answering machines. The calls played a minute of speeches in Farsi before hanging up.
Dana Perino, a member of the US Broadcasting Board of Governors (BBG), which oversees all US broadcasting abroad, took the attack as a sign that the BBG’s Farsi programming is having an impact inside Iran.
“There’s a saying that a hit dog hollers. That can be applied to whoever tried to cut off access to VOA.… Technology is chipping away at the stranglehold on free and fair information inside Iran.”