Hackers strike Iranian government, releasing presidential documents
A group of hackers working against the Iranian government have struck again, this time with a second trove of documents obtained from the highest levels of the authoritarian regime.
Credit for the attack was claimed by the group calling itself “Ghiam ta Sarnegoun”, or “Rise to Overthrow”.
The attack follows a similar episode in early May, when the group defaced the website of Iran’s foreign ministry with messages in support of Maryam Rajavi, president-elect of the National Council of Resistance of Iran — a politician-in-exile with backing from many in the west, including in Washington.
Among the documents posted in the second attack, which were posted online on 29 May, were directives from the office of Iran’s president, Ebrahim Raisi. In one, addressed to a top security chief by Mr Raisi’s chief of staff, the president raises clear concerns about ongoing protests in the country that began last year in response to the killing of a young woman in police custody over her supposedly improper headcovering.
“In these incidents, in addition to the initial intelligence surprise of the September 1st, in particular the events of October 26, as well as the strikes and riots on November 15, 16 and 17 no prediction and prevention [options] were [presented], and the analysis were based only on general and imprecise estimates and calls in the social media,” reads one letter in part.
“To correct this process and prevent repetition of these surprises in the future what has been done? As the failure and end point of the enemy's project were not included on 7 and 8 of December reports of analyzes and predictions,” that letter continues, adding later: “Unfortunately, in recent months, the reports have mostly [been] describing the events of the streets and waiting to discover the surprising devices of the enemies.”
Other documents were equally unflattering. A second letter to an intelligence minister again signed by Mr Raisi’s chief of staff laid out known issues with Iran’s intelligence community including “incompetent and dependent managers”, “infiltration”, as well as “marginalisation and demoralisation of revolutionary forces”.
The Independent has not verified the documents in-house, although experts with the Computer Emergency Response Team in Farsi (CERTFA) have called the documents posted on 29 May from the latest hack legitimate.
Altogether, the document presents a revealing look at a beleaguered government that found itself largely unable to effectively stamp out demonstrations that swept across the nation in response to a major societal episode — in this case, the killing of a young woman, Mahsa Amini, by so-called “morality police” in the country. The assessment could bode poorly for the Raisi government should similar protests emerge in the near future.
The NCRI agreed in a statement to The Independent, arguing that the documents showed “the fragile state” of Iran’s security apparatus and “the fear and vulnerability of the regime”.
At the same time, other passages betray the Iranian regime’s continued confidence in its ability to evade or otherwise bear the cost of US sanctions, which were snapped back into place under the Trump administration and remain under the presidency of Joe Biden. If more than bluster, it’s a spark of good news for Iran’s government given the State Department and White House’s lack of success in reaching an agreement to reignite the 2015 nuclear agreement and the resulting low chance of those sanctions being dropped.
Mr Biden was heard telling a voter on a ropeline late last year that his administration views the accord signed under the presidency of Barack Obama (and his own vice presidency) to be dead.
“It is dead, but we are not gonna announce it,” he said at the time, quipping: “Long story.”
