Iran Democracy Monitor No. 236

August 8, 2024 Ilan I. Berman
Related Categories: Cybersecurity and Cyberwarfare; Intelligence and Counterintelligence; Islamic Extremism; Terrorism; Warfare; Corruption; Iran; Israel; Middle East

THE ISLAMIC REPUBLIC SETS ITS SIGHTS ON THE HASHEMITE KINGDOM
Since October 7th, Israeli officials have asserted that Iran's clerical regime played an instrumental role in laying the groundwork for the rampage carried out by Palestinian terror group Hamas. They have also warned that Tehran is continuing to leverage its proxies to target the Jewish state in multiple ways. But Israel isn't the only country in the Islamic Republic's crosshairs. Neighboring Jordan, too, is being destabilized by the Iranian regime, a new report alleges.

"The Islamic Republic of Iran is stoking violent discontent against the Hashemite Kingdom, with a view toward gaining control over Jordan as part of an expanded 'Shiite Crescent,'" writes Benjamin Weinthal in an analysis for Iran International. Citing recent research by the Middle East Media Research Institute, he notes that Iran's plan involves a variety of activities – from orchestrating street protests to organizing Jordanian militants – with the objective of destabilizing the government of King Abdullah II. With former U.S. officials and diplomats as sources, Weinthal highlights that, amid the ongoing war in Gaza, the regime in Tehran is seeking to expand its influence (and potentially open another front against Israel) at Amman's expense. (Iran International, August 4, 2024)

THINKING BEYOND "NOOR"
Back in September 2022, the death of Kurdish-Iranian activist Mahsa Amini at the hands of the Iranian regime's morality police touched off a groundswell of popular discontent, with Iranians from all walks of life protesting the Islamic Republic's draconian religious edicts. The protests put Iran's government on the domestic back foot, at least temporarily. Over time, however, Iranian authorities managed to reassert control, and subsequently to intensify their clampdown on the freedoms enjoyed by the country;s women. To that end, back in April, authorities launched "Noor," a new initiative to more stringently police female dress through stepped-up morality police patrols, fines and penalties.

Now, Iran's regime is doubling down on "Noor" with a follow-on scheme that aims to expands its scope and breadth. Dubbed "Tuba," the new three phase plan is said to involve the training of some 1,500 "missionaries" to proselytize a "culture of chastity and hijab" in schools and education centers around the country. A particular focus of the new effort appears to be the country's youth, a demographic which has proven itself particularly resistant to, and dismissive of, religiously-imposed curbs on female dress. (Shargh, August 4, 2024; Iran International, August 6, 2024)

A NEW ROUND OF IRANIAN CYBER-SPYING...
MuddyWater, an online espionage group of Iranian origin, is the latest threat keeping cybersecurity professionals in Israel and other Middle Eastern countries busy. MuddyWater has reportedly been targeting organizations in nations throughout the region via a new malicious software dubbed BugSleep. According to Tel Aviv-based intelligence company Check Point, the Iranian campaign has sent more than 50 spear phishing emails to hundreds of people across 10 sectors since February 2024. The deployed malware "allows hackers to remotely execute commands... and transfer files between the infected device and the attacker's servers," likely serving as a replacement for remote management tools (RMM), which MuddyWater previously relied on but have become subject to increased monitoring by security vendors. (The Record, July 16, 2024)

...AS ISRAEL-IRAN TENSIONS GO DIGITAL
Rising tensions between Israel and Iran in the wake of an Israeli campaign of targeted strikes on proxy elements across the Middle East have set the region on edge, and laid the groundwork for a wider war. In most respects, though, that conflict has yet to break out into the open. A notable exception is cyberspace, where Tehran and Jerusalem are already engaged in overt hostilities. As part of that digital front, an Israeli hacker group has claimed responsibility for a spate of WiFi outages across the Islamic Republic. The group, known as "We Red Devils Original," has been active throughout the course of the Israel-Hamas war, and has claimed to have also deployed software capable of putting Iranian infrastructure and facilities at risk. "We managed to get our hands on vital and sensitive software that we will not go into detail about here, we are sure that Iran already understands the extent of the damage it currently has," the group has warned on its Telegram channel. "As we know and have seen in the past such rigs and reactors in certain cases can cause mass destruction in the event of internal leaks or overheating." (Jerusalem Post, August 2, 2024)