• Online, Instructor-Led

Once they have gathered sufficient information about the victim's interests, Iranian hackers use this knowledge to craft personalized phishing emails or messages. By tailoring the content to match the target's specific interests or concerns, they increase the chances of the victim falling for the trap. The phishing email may contain enticing content, such as an intriguing offer, urgent request, or relevant topic, designed to evoke the victim's curiosity or desire to take action. The email may include an attachment that, when opened, executes malware on the victim's device or redirects them to a malicious website. We start with funding and grey zone activities before moving to cognitive and information warfare actions and known APTs.

Learning Objectives

Iranian cyber capabilities and functions tend to target non-gov organizations with carefully crafted and personalized phishing emails. Better coordination between non-gov organizations and large tech companies is needed to address compromised social media accounts more promptly. More information sharing among groups about cyber security and emergency response to hacking incidents is also required. Through a combination of censorship, subsidies, and public statements, the Iranian government has demonstrated a clear preference for Iranian apps and platforms over their foreign counterparts. The concept of net neutrality does not have widespread support amongst Iranian internet users. With the exception of Aparat (an Iranian version of YouTube), Iran’s internet users tend to prefer foreign platforms to domestic ones – specifically staying away from Iranian apps such as the Iranian version of Telegram.

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):