What is life like as an Iranian hacker?

In his recent testimony before the Senate Armed Services Committee, National Intelligence Director James Clapper named Russia, China and North Korea as the top threats to US cybersecurity.

But another key cyber adversary was left out – the Islamic Republic of Iran.

Ever since the Stuxnet worm damaged Iran’s nuclear program in 2010, the country has been on a tear to build up its own offensive cyber program. It’s now one of the most aggressive nations when it comes to launching certain types of cyber attacks:

• 2012 – Saudi Aramco hit by wiper malware, 30,000 computers disabled
• 2013 – Hackers breach New York dam
• 2014 – Las Vegas Sands hit by a wiper malware attack

Iran is unique though, as a hacker nation, because it tends to rely more heavily than other countries do (ex: China) on decentralized, proxy groups to carry out its overseas attacks. In the government’s view, this gives it plausible deniability when attacks occur, but it also raises questions about how much control Iran’s government actually has over the hackers it is directly or indirectly supporting.

Because of this policy, however, hackers have a pretty good life in Iran. They’re relatively free to attack foreign targets, they have good jobs, they live out in the open and their work is celebrated. The old cliche of the hacker hiding out in a basement is nowhere less true than it is in Iran.

No need to hide.

There is no need for hackers in Iran to hide like they do in the west.

Unlike their counterparts in the US, Europe and (occasionally) Russia, “black hat” hackers in Iran don’t have to hide from government authorities and law enforcement. That’s because hacking isn’t illegal, as long as it’s being done for the government.

For this reason, Iran’s top hacker crews are able to lead very public lives, often with little to no attempt to conceal their activities.

They even post openly on popular Western, Russian and Iranian social networking sites, regularly sharing personal information, locations, employer and university affiliations, families and friends, etc.

Interestingly, Iran’s hackers aren’t big fans of Twitter. They prefer to use a number of other sites instead, two of which are Facebook and vBulletin forums.