1. Introduction
• Contextualize the growing role of cyber tools in global conflict.
• Explain why the IRGC views cyber tactics as strategic assets.
• Define the report’s purpose: to examine IRGC cyber capabilities, methods, targets, and defenses.
2. Cyber Command Structures
• Overview of the IRGC’s cyber units:
• Cyber Electronic Command (CEC)
• Intelligence Organization’s cyber divisions
• Affiliated hacker groups like the Iranian Cyber Army
• Coordination between IRGC, Basij, and Ministry of Intelligence.
3. Offensive Cyber Tactics
a. Infrastructure Attacks
• PLC attacks (e.g. Israeli water systems via “CyberAv3ngers”)
• Targeting utilities—electricity, rail, communications
b. Espionage Campaigns
• Hacking opposition figures, journalists, and diaspora leaders
• Techniques: spear phishing, credential theft, mobile spyware
c. Hack-and-Leak Operations
• Example: attempts to influence U.S. elections
• Leverage of socially engineered leaks aimed at political disruption
4. Propaganda & Information Warfare
• Fake personas and troll farms promoting IRGC narratives
• Campaigns—e.g., Scottish independence propaganda
• Disinformation tactics to sow discord in target audiences
5. Psychological Operations
• Digital fear tactics: website defacements, data destruction, DDoS
• Amplification through IRGC-produced statements tied to cyber incidents
6. Digital Repression Inside Iran
• Surveillance using homegrown apps (e.g. Soroush, Baleh)
• Monitoring activists via Telegram hacks and mobile exploitation
• State surveillance infrastructure backed by IRGC tools
7. Notable Cyber Incidents
• PLC hack advisory issued by U.S. CISA
• U.S. indictments for election interference
• Social-media exposé of IRGC troll networks
• Major data breaches linked to cyber actors in Iran
8. Strategic Purposes
• Covert, deniable impact vs. kinetic strikes
• Defense of the regime from domestic or external threats
• Expansion of Iran’s soft-power and cyber deterrence
9. Global Implications
• Cyber threats targeting Western nations and allies
• Challenges posed to critical infrastructure security
• Role of IRGC cyber tactics in hybrid warfare globally
10. Countermeasures & Policy Recommendations
1. Strengthen cyber defense for critical systems
2. Share intelligence between nations
3. Sanction IRGC-affiliated cyber actors
4. Support cybersecurity training globally
5. Promote open-source monitoring of cyber threats
Conclusion
• Summarize the IRGC’s digital capabilities and ambitions
• Emphasize the need for global awareness and coordinated defense
• Highlight cyber resilience as essential to counter modern threats




