Skip Global Navigation to Main Content

U.S. Government Targets Computer-Using Abusers in Iran, Syria

24 April 2012

Washington — President Obama issued an executive order April 23 that targets people in Iran and Syria using information technology to commit human rights abuses.

The order places sanctions on people involved in computer or network disruption or who are engaged in monitoring that enables human rights abuses by the government of Iran or Syria, the U.S. Treasury Department said in an April 23 press release. The sanctions block any assets they may have in the United States and prohibit U.S. people from engaging in any transactions with them.

Sanctions were imposed on the Syrian General Intelligence Directorate (GID) and its director, Ali Mamluk; Iran’s Ministry of Intelligence and Security, Iran’s Islamic Revolutionary Guard Corps (IRGC), Iran’s Law Enforcement Forces (LEF), the Iranian Internet service provider Datak Telecom, and the Syrian communications firm Syriatel.

Ali Mamluk and the Syrian General Intelligence Directorate

Ali Mamluk, through the GID, has overseen a communications program directed at opposition groups. The program included both technological and analytical support from Iran’s Ministry of Intelligence and Security. Mamluk worked with the Iranians to provide technology and training to Syria, including Internet monitoring technology. Mamluk has also requested Iranian training on social media monitoring and other cyber tools for the GID.

The GID has been implicated in serious human rights abuses in Syria, including arbitrary arrests, mistreatment of detainees and the death of detainees while in GID custody. In one example from July 2011, GID officers arrested and beat surrendered oppositionists after a firefight at a school in Bukamal, Syria. The bodies of the prisoners were later disposed of; some of them had bullet wounds and appeared to have been mutilated with holes drilled into their arms, legs and shoulders.

The GID and Mamluk were originally sanctioned with an executive order in April 2011.


The Syrian government has directed Syriatel to sever network connectivity in areas where attacks were planned and it also records mobile phone conversations on behalf of the Syrian government. Syriatel controls approximately 55 percent of Syria’s mobile phone market.

Syriatel was previously sanctioned in August 2011.

Iran’s Ministry of Intelligence and Security

The ministry has sought to identify members of opposition groups and monitor their activities by obtaining their passwords. Ministry agents have been responsible for the beatings, sexual abuse, prolonged interrogations and coerced confessions of prisoners since the June 2009 elections in Iran.

The ministry was previously sanctioned in February 2012.

Iran’s Islamic Revolutionary Guard Corps

The IRGC’s Guard Cyber Defense Command includes a special department called the Center for Inspecting Organized Crimes (CIOC). The CIOC focuses on ensuring the regime’s vision of cyber security. The CIOC has openly admitted that it would forcefully suppress anyone seeking to carry out “cultural operations” against the Islamic Republic via the Internet and that it monitors Persian-language sites for what it deems to be aberrations.

The CIOC has taken an active role in identifying and arresting protesters involved in the 2009 post-election unrest, particularly people active in cyberspace.

The Iranian regime has identified and arrested many bloggers and activists through the use of advanced monitoring systems, and the CIOC inspects forwarded emails to identify people critical of the regime. The IRGC’s cyber police focus on filtering websites in Iran, monitoring the email and online activity of individuals on a watch list, and observing the content of Internet traffic and information posted on web blogs. Individuals on the watch list included known political opponents and reformists, among others.

Individuals arrested by the IRGC have been subjected to severe mental and physical abuse in a ward of Evin Prison controlled by the IRGC.

The Department of the Treasury previously sanctioned the IRGC in June 2011 and in October 2007.

Iran’s Law Enforcement Forces

Following the 2009 post-election protests, during which opposition activists used the Internet and social media to document police crackdowns, the Iranian regime identified and arrested many bloggers and activists through the use of advanced monitoring systems. In January 2012, the LEF issued new regulations requiring owners of Internet cafes to install closed-circuit television cameras and to register the identity and contact details of users before allowing them to use their computers. Given the LEF’s history of serious human rights abuses, its efforts to monitor the Iranian public can reasonably be assumed to enable human rights abuses by the Iranian government.

The Department of the Treasury previously sanctioned the LEF in June 2011.

Datak Telecom

The Iranian Internet service provider Datak Telecom has collaborated with the Iranian government to provide information on individuals trying to circumvent the government’s blocks on Internet content, allowing for their monitoring, tracking and targeting by the government. Datak regularly collaborated with the government to test surveillance techniques.

Over the last two years, Datak provided ongoing technical surveillance on Iran-based users of a popular commercial email service. Datak undertook plans to carry out this type of attack on a larger scale, to potentially include surveillance of millions of Iranian users.

Datak has also demonstrated planning to purchase equipment used to intercept Internet and voice communications.