Iran's Armed Forces General Command said in a statement on Monday that cyber-threats from "any government, group or person and at any level” will be "mightily reciprocated,” warning about cyber operations from foreign countries in "political, economic, social or cultural" areas, including elections.
Iranian authorities have admitted on several occasions that the country's online infrastructure had been targeted by other governments, but always claimed that the cyberattacks were unsuccessful.
In June and July, a series of suspicious explosions and fires broke out across the country, including a massive explosion at Iran's main nuclear establishment in Natanz and another explosion at a military site near Tehran, incidents that some said could have been caused by cyberattacks. Earlier in February, an official of the Telecommunications Infrastructures Company had admitted that a cyberattack had disrupted Internet services but eventually was repelled, with experts calling the botnet attack "massive".
From the text of the Armed Forces General Command’s statement, however, it appears that Iranian authorities are concerned about more than DDoS attacks, including botnet attacks to steal data, send spam, access the device and its connection, or other forms of sabotage. The statement broadens the definition of “attack” to include just about anything involving the medium of the Internet that Iranian authorities may perceive as hostile or as a "threat to national security.”
The statement declares that the Armed Forces believe that territorial sovereignty and jurisdiction of states apply to "all areas of their cyberspace,” and that any deliberate use of cyber influence "with or without physical consequences" will be reciprocated. These acts include any outside cyber activity "which poses a threat to national security" or "causes instability, whether political, economic, social or cultural,” which the statement calls "violations of the sovereignty of the state.”
The statement also stresses that cyber interference with the aim of "regime change," including "cyber-manipulation of elections or engineering the public opinion ahead of an election," can be considered "plain intervention.”
The current U.S. administration, which has taken a tough stance against Tehran, endorses regime change in the country, and has based its traditional and social media propaganda against the Iranian regime around the same principle.
"Cyber operations that target websites in order to provoke tension and conflict in a state or the use of the cyberspace to send messages on a wide scale to voters to influence election results can be considered as examples of banned intervention," the Armed Forces statement says.
Recently, the U.S. State Department's Reward for Justice Program sent a message to some Iranians asking them to provide information on foreign attempts to interfere in U.S. elections "through computer fraud or hacking" in return for a cash reward. The message was sent to mobile phones of a population which appeared to be social media users.
In October 2019 Iran’s Passive Defense Organization Chief Brigadier-General Gholamreza Jalali said that “America has started its cyber war against Iran" without providing more details, but vowed to ward off the threats through "cyber defense.” In May 2019, he alleged that the U.S. used social media for media-based and psychological operations "to influence Iranians’ minds.”
Iran considers U.S. government-affiliated media such as Radio Farda, Voice of America (VOA) and the BBC Persian TV channels and websites as hostile, seeing them as tools in service of affecting regime change and manipulating public opinion in Iran. Journalists working for these outlets and even their families in Iran are often threatened and harassed.