U.S. Government Targets Computer-Using Abusers in Iran, Syria
U.S. Government Targets Computer-Using Abusers in Iran, Syria
24 April 2012
President Obama issued an executive order April 23 that targets people in Iran and Syria using information technology to commit human rights abuses.
The order places sanctions on people involved in computer or network disruption or who are engaged in monitoring that enables human rights abuses by the government of Iran or Syria, the U.S. Treasury Department said in an April 23 press release. The sanctions block any assets they may have in the United States and prohibit U.S. people from engaging in any transactions with them.
Sanctions were imposed on the Syrian General Intelligence Directorate
(GID) and its director, Ali Mamluk; Iran’s Ministry of Intelligence and
Security, Iran’s Islamic Revolutionary Guard Corps (IRGC), Iran’s Law
Enforcement Forces (LEF), the Iranian Internet service provider Datak
Telecom, and the Syrian communications firm Syriatel.
Ali Mamluk and the Syrian General Intelligence Directorate
Ali Mamluk, through the GID, has overseen a communications program
directed at opposition groups. The program included both technological
and analytical support from Iran’s Ministry of Intelligence and
Security. Mamluk worked with the Iranians to provide technology and
training to Syria, including Internet monitoring technology. Mamluk has
also requested Iranian training on social media monitoring and other
cyber tools for the GID.
The GID has been implicated in serious human rights abuses in Syria,
including arbitrary arrests, mistreatment of detainees and the death of
detainees while in GID custody. In one example from July 2011, GID
officers arrested and beat surrendered oppositionists after a firefight
at a school in Bukamal, Syria. The bodies of the prisoners were later
disposed of; some of them had bullet wounds and appeared to have been
mutilated with holes drilled into their arms, legs and shoulders.
The GID and Mamluk were originally sanctioned with an executive order in April 2011.
Syriatel
The Syrian government has directed Syriatel to sever network
connectivity in areas where attacks were planned and it also records
mobile phone conversations on behalf of the Syrian government. Syriatel
controls approximately 55 percent of Syria’s mobile phone market.
Syriatel was previously sanctioned in August 2011.
Iran’s Ministry of Intelligence and Security
The ministry has sought to identify members of opposition groups and
monitor their activities by obtaining their passwords. Ministry agents
have been responsible for the beatings, sexual abuse, prolonged
interrogations and coerced confessions of prisoners since the June 2009
elections in Iran.
The ministry was previously sanctioned in February 2012.
Iran’s Islamic Revolutionary Guard Corps
The IRGC’s Guard Cyber Defense Command includes a special department
called the Center for Inspecting Organized Crimes (CIOC). The CIOC
focuses on ensuring the regime’s vision of cyber security. The CIOC has
openly admitted that it would forcefully suppress anyone seeking to
carry out “cultural operations” against the Islamic Republic via the
Internet and that it monitors Persian-language sites for what it deems
to be aberrations.
The CIOC has taken an active role in identifying and arresting
protesters involved in the 2009 post-election unrest, particularly
people active in cyberspace.
The Iranian regime has identified and arrested many bloggers and
activists through the use of advanced monitoring systems, and the CIOC
inspects forwarded emails to identify people critical of the regime. The
IRGC’s cyber police focus on filtering websites in Iran, monitoring the
email and online activity of individuals on a watch list, and observing
the content of Internet traffic and information posted on web blogs.
Individuals on the watch list included known political opponents and
reformists, among others.
Individuals arrested by the IRGC have been subjected to severe mental
and physical abuse in a ward of Evin Prison controlled by the IRGC.
The Department of the Treasury previously sanctioned the IRGC in June 2011 and in October 2007.
Iran’s Law Enforcement Forces
Following the 2009 post-election protests, during which opposition
activists used the Internet and social media to document police
crackdowns, the Iranian regime identified and arrested many bloggers and
activists through the use of advanced monitoring systems. In January
2012, the LEF issued new regulations requiring owners of Internet cafes
to install closed-circuit television cameras and to register the
identity and contact details of users before allowing them to use their
computers. Given the LEF’s history of serious human rights abuses, its
efforts to monitor the Iranian public can reasonably be assumed to
enable human rights abuses by the Iranian government.
The Department of the Treasury previously sanctioned the LEF in June 2011.
Datak Telecom
The Iranian Internet service provider Datak Telecom has collaborated
with the Iranian government to provide information on individuals trying
to circumvent the government’s blocks on Internet content, allowing for
their monitoring, tracking and targeting by the government. Datak
regularly collaborated with the government to test surveillance
techniques.
Over the last two years, Datak provided ongoing technical surveillance
on Iran-based users of a popular commercial email service. Datak
undertook plans to carry out this type of attack on a larger scale, to
potentially include surveillance of millions of Iranian users.
Datak has also demonstrated planning to purchase equipment used to intercept Internet and