Mohammad Reza Farajipour, speaking in an interview with the website of the Strategic Council on Foreign Relations, referred to the volume of cyber-threat attacks to countries and noted: We are living in a period of strategic competition in this area. Our country also faces many challenges from the enemies. Using their capabilities and capacities, they try to limit our movements, especially in the Axis of Resistance, and prevent the Islamic Republic of Iran from gaining access to superior power and strategic advantages in the region.

He added: Governmental and non-governmental actants are not only developing such capabilities, but sometimes they operate them at the regional level and against some countries, including our own country. Those capabilities cover all areas of battle and cross the borders of countries in cyberspace.

The deputy of Iran Cyber Defense Command cited intrusion into data networks, maximum domination of social networks and their complete control, information manipulation, cyber-attacks and economic sanctions, among other measures and continued:  Of course, in appearance, those actions are lower than the traditional threshold of war, and often have an acceptable denial, enabling actants to carry out offensive actions without the possibility of attribution and with maximum anonymity.

However he stressed must be borne in mind that emerging advances in the areas of materials, high-performance computing power, robotics, artificial intelligence and biotechnology, increase military and technology capabilities of the enemy, and create other challenges.

US, Zionist regime attempting to gain access to Iran’s infrastructures

Farajipour said: The United States, the Zionist regime and their regional allies are trying to increase their operational access to our infrastructures by taking advantage of the opportunities provided by advancements in cyberspace-related technologies. They are even using the situation created by the COVID-19 epidemic to advance an information war aimed at weakening Iran and imposing economic and political conditions to their advantage.

Saying that their allies in the region are also seeking to expand their military capabilities and advance their regional goals, he noted: Those countries are working with the United States to take operational action against us, other countries and resistance groups. Terrorist threats are remaining, and maintaining a high level of vigilance to protect national interests is an inevitable necessity.

Referring to the importance of cyber offensives and defensives for countries, Farajipour explained: Today, many countries are launching offensive cyber operations. They either launch cyber-attacks with a preemptive approach or launch offensive operations to retaliate against them. Although the impact of those cases may seem short-lived, it can lead to more insecurity and instability in cyberspace.

Importance of offensive cyber operations

According to the deputy Cyber Defense Command, in a situation where all kinds of cyber-attacks are carried out by some countries and groups under their secret support, offensive cyber operations can help deter and protect the basic assets of countries against illegal and security disrupting activities of others.

Noting that the proactive cyber defense means taking action to counter cyber-attacks through cyber and cognitive domains, he said: This type of defense represents the layer between defensive and offensive actions. In that layer, there are measures such as deterring the attacker, disrupting his activities or preventing start of the attack, or preventing the threatening preparedness for attack, either preventively or in self-defense. Common methods include cyber deception, assignment, threat hunting, and pursuit of the attacker.

Emphasizing that cyber-attacks can be planned to repel an attack (active defense) or support operational measures, Farajipour added: Active proactive cyber defense is different from active defense in terms of predictive defense, in which case the actant does not wait for the attack to occur. The difference between active cyber defense and offensive cyber operations (OCO) is that in offensive state, special legal permissions or executive powers are required. Thus, although offensive cyber capabilities may be developed with the collaboration of industry or facilitated by the private sector, the principle of operation is often carried out by governments. Of course, there are some exceptions, especially in cases of self-defense or with judicial authority or assistance to the enforcement of law.

He continued: The idea that cyberspace is a good place for the offensive has become very widespread among policymakers and analysts, many of whom use this assumption as an argument to prioritize offensive cyber operations. Of course, the belief in the preference of offense in cyberspace is understandable for several reasons, including violation of information systems security has become a common practice; from day-to-day identity theft to well-publicized hacks.

Disadvantages of focusing on offense

Meanwhile, Farajipour added: Focusing on the offensive, increases international tensions and countries’ readiness to launch a counterattack after a cyber-attack, and this often increases cyber vulnerabilities. Belief in cyber-attack preference is not based on a clear idea or empirical measurement of the balance of defense and attack.

He attributed the useful idea of ​​cyber defense and offensive balance to cost-benefit analysis, and asked: Are the benefits of the offense less than the cost of the offense, and what is the ratio of defense costs to its benefits? The complexity of cyberspace technology leads to increased defense costs; but the costs of attack and defense are ultimately shaped by the complexity of the targets of the attack, the objectives of defense, and the ability of organizations to manage this complexity. Organizational skills can shift the cost of cyber operations to defense. In addition, while violating information systems is easy and can be done at a relatively low cost, achieving physical effects is much more difficult and costly.

Optimists and pessimists to cyberspace

Emphasizing that the most important necessity is to understand the real meaning of cyber threats, about which there are disagreements even among the scientific community, Farajipour stated: One view considers cyberspace as an opportunity and does not respond to its threats; this group is called the Optimist Group. Another group sees cyberspace as a threat and strongly advises others to avoid it; we call this group the Pessimists. It is interesting to note that even in the “cradle of the Internet”, that is the United States, there are these two types of attitudes.

The Deputy Cyber Defense Command, referring to popular schools of thought on the effect of the Internet on political changes said: On the one hand, there are those who believe that technology has certain characteristics that will promote democracy around the world, and on the other hand, there are those who believe that the Internet strengthens the authoritarian tools and political repression. Both views attribute a decisive role to the Internet, which is inconsistent with its neutral nature. In contrast, the effects of the Internet on political change depend on the context and ability of the actors who use it.

Saying that advances in technology not only bring various benefits to a number of people, but also cause serious problems, especially if the technology is not used properly, he added: For example, the development of the Internet and other technological innovations, such as the three giant search engines; Google, Yahoo and MSN have led people to a world where they can do extra work without sacrificing other daily tasks.

Farajipour addressed the positive effects of the Internet communications in the field of education and at the same time said: Improper use of this technological advancement can have devastating effects on education and community developments. Issues related to individual rights and intellectual property are some of the academic concerns that always appear in the world of education.

He added: Using the Internet to threaten communities or commit cybercrimes, including stealing people’s information and illegally hacking their financial resources in any way, is considered a serious crime that should be stopped, and for this purpose, it is insisted that people should only use this technology non-criminally.