Hezbollah is the most sophisticated and influential terrorist organization in cyberspace today. Although it was established by the IRGC’s cyber units and eventually it obeys Quds Force, Hezbollah’s cyber units are capable of working independently and to achieve successful results by themselves. The idea in Teheran for the establishment of this capability inside Hezbollah was to give optional diversity for future cyber-attacks worldwide without referring it to directly to Iran, and in parallel to tighten Iran’s grip on Lebanon. The Headquarters is in the Dahieh neighborhood in Beirut, and it’s supervised by key figures in Hezbollah and Quds Force. The most known cyber unit in Hezbollah nicknamed “Lebanese Cedar APT”. One of the things exposed it to the public was a cyber-attack launched in January 2021 that lasted for more than a year on telecommunications companies and internet providers in the United States and many other western countries. Lebanese Cedar’s trademark is to use a custom explosive remote access tool (RAT), which allows the group to avoid exposure and remain inside the compromised systems for long periods of time. During the Covid-19 pandemic, Hezbollah provided cyber education on information warfare to foreign recruits. In an effort to earn much-needed funds, Hezbollah trained young Arabs in the art of spreading propaganda and disinformation through online channels.
Name: Mohammad Ali Merhi (1984) Position: Head of the hacking team in Hezbollah’s cyber unit Lives in the Dahieh, Beirut
Name: Mustapha Abd Al-Karim Karnib (1989) Position: Hacker on Mohammad Ali Merhi’s team He has several years of experience in this field of operations.
Name: Hussein Assad Mansour (1992) Position: Hacker on Mohammad Ali Merhi’s team Son of the former mayor of Aaramta
Name: Ahmad Shawkat Fouani (1976) Position: Hacker on Mohammad Ali Merhi’s team
Name: Adam Ahmad Abdallah (1990) Position: An operative in Hezbollah’s cyber unit
Name: Ahmad Rateb Sabbagh (1986) Position: An operative in Hezbollah’s cyber unit
Name: Wassim Gerges Dahdan Position: An operative in Hezbollah’s cyber unit
Involved in malicious activity to collect sensitive information on companies, bodies, and citizens in Lebanon. He is also involved in disseminating Hezbollah’s propaganda on social media to influence public opinion in Lebanon. Dahdan carries out this activity under the auspices of a civilian company named AWT, a subsidiary of the Al-Manar station.
Dahdan visited Iran as part of the cooperation between Iranian intelligence bodies and Hezbollah on joint operations to collect intelligence and carry out activity against Lebanese government institutions and Lebanese citizens.
Name: MOHAMMAD EL OUTA (1989) Position: An operative in Hezbollah’s cyber unit
Name: Abdullah Kassir Position: Head of the “Electronic Army” unit
This unit operates directly under the supervision of Hashem Safieddine. This unit’s tasks are: Operate on social networks against Hezbollah’s opponents, Promote Hezbollah’s narratives with media campaigns, influence public opinion in Lebanon, carry out cyberattacks on Hezbollah opponents.
IRGC:
Lately some of the figures and units of the IRGC’s cyber warfare were exposed. The main unit called “Shaid Kaveh”. It is responsible for hundreds of the major cyber-attacks over the last years around the globe, such as the one in Albania last month, western vessels in the gulf, gas stations in the US, Boston Children Hospital and more. The “Iranian cyber army” which is basically the hacker groups that affiliated with the IRGC, is loyal to Khamenei and it has advanced capabilities to create damage around the world. The most important figure in this operating system is Hamidreza Lashkarian.
Name: Hamidreza Lashkarian (pronunciation Lashgarian) (1961) nicknamed Ibrahim Qazizadeh Position: Brigadier-general, Head of IRGC-Electronic Warfare and Cyber Defense Organization (IRGC-EWCD)
Head of IRGC’s unit Shahid Kaveh
(“Group 13” of Shaid Kaveh specializes in cyber-attacks of ship and gas stations)
He has a background of involvement in various IRGC intelligence operations against commercial navigation and other clandestine activities.
He is a university lecturer with published articles. Lives in Tehran
His wife, Fatima Zahraa Farkh works at Evin Prison.
Name: Mohammad-Bagher Shirinkar Position: Head of “Sayyad Project” –entity in IRGC’s cyber warfare.
He directed the cyber-attack on Albania’s international airport in Tirana in 2021.
Name: Mohammad-Hossein Shirinkar Position: Reportedly he is the Head of IRGC’s Intelligence Inspectorate at the IRGC’s Information Protection Inspection Unit
Brother of Mhammad- Bagher Shirinkar.
One of the main actors in the “Sayyad group”.
Name: Mehdi Hashemi Tughraljardi Position: Operator in IRGC’s cyber warfare.
He is the brother-in-law of the Shirinkar brothers.
Sanctioned by the US.
He is a CEO and member of the board of directors of a digital company in Tehran called ” Iliant Gostar “.
Name: Reza Salarvand (1992) Position: Head of the ‘Intelligence Group 13’ that is a sub-group within the IRGC’s Shahid Kaveh cyber warfare unit.
Salarvand’s team mission was to prepare a database of targets for cyberattacks, including cargo ships, gas stations and maritime control centers in the US and elsewhere. He has a bachelor’s degree in information technology engineering from the Southern Branch of Tehran’s Azad University.
You must be logged in to post a comment.