Iran (Islamic Republic of)
Share
Expand All
Last Updated: June 2021
Cybersecurity Policy

Relevant Strategy Documents, and Implementation Frameworks

Structure

Relevant National Centre or Responsible Agency, Key Positions, Dedicated Agencies and Departments, CERT or CSIRT.

National Centre or Responsible Agency

The primary nodal entity responsible for formulating and/or implementing the cyber policy of the State.

Supreme Council of Cyberspace (SCC)
Supreme Leader (appointed by, reports to)
  • Holds all internet policy decision-making power.
March 2012
Key Positions

Key positions pertinent to the cyber policy of the State (or aspects thereof) and its implementation.

Chairman
Supreme Council of Cyberspace (SCC)
  • The President of Iran is Chairman of the Supreme Council of Cyberspace (SCC).
2012
Dedicated Agencies and Departments

The agencies, ministries, departments, and other entities (and their subdivisions) tasked with responsibilities relating to the support and implementation of the cyber policy of the State.

Cyber Police of Islamic Republic of Iran (FETA)
Islamic Republic of Iran Police

Goals of Cyber Police:

  • Secure cyber space;
  • Protect national and religious identity, community values, legal liberty, national critical infrastructure against electronic attacks;
  • Preserve interests and national authority in cyberspace; and
  • Assure people in all legal affairs such as economic, social and cultural activities in order to preserve national power and sovereignty.
2011
Cyber Defense Command (قرارگاه دفاع سایبری‎‎;)
Passive Civil Defense Organization, Joint Staff of Iranian Armed Forces
Cyber defense unit for the country
November 2010
Ministry of Information and Communications Technology (Ministry of ICT)
Government of Islamic Republic of Iran
  • Responsible for postal services, telephones and information technology.
2003 (renamed and codified)
Iran Information Technology Organization (ITO)
Ministry of Communications and Information Technology
  • To manage support functions and to organize the security of the space of information exchange, hardwares and softwares; to improve electronic capabilities; to develop internet service, to develop information technology and its applications.
2011
(proposed) National Cyberspace Center
Supreme Council of Cyberspace (SCC)
  • Should be established under the auspices of the Supreme Council of Cyberspace (SCC);
  • Entire and up to date knowledge of cyberspace at the domestic and global level.
National CERT or CSIRT

The designated response team responsible for responding to cybersecurity threats and incidents at the State level.

Iran Computer Emergency Response Team (CERTCC MAHER)
  • Cooperates with national security organizations in order to assure the security of cyberspace;
  • Governmental CERT.

 

Goals and Duties:

 

  • To provide a central national node for strategic coordination activities in information exchange environments incidents based on the division of work and responsibilities as provided by the high council of cyberspace;
  • To build sufficient capacities in order to respond to cyber incidents in the country;
  • The exchange of experiences and analysis of incident responses;
  • Helping organizations, government centers and private companies create CSIRT groups;
  • Facilitate communication between groups with similar directions and related organizations in order to share knowledge in the cyber security field;
  • Development of secure communication mechanisms for reliable communication among groups;
  • To join in international groups and also the formation of international interaction centers to confront common threats;
  • Sharing of important analysis regarding systems’ security and important threats on a national level;
  • Support of continuous security evaluations in various information exchange environments;
  • Knowledge transfer through educational courses;
  • Communication and cooperation with other CERTs at national, regional and international levels;
  • Holding meetings, seminars and conferences related to confronting cyber-attacks;
  • Cooperation with related organizations with the goal of drafting and passing laws, regulations and policies that affect the capacity to deal with cyber incidents.
2008
Legal Framework

Relevant Legislation, and Views on International Law.

Legislation

Legal instruments in force relating to the national cyber policy of the State.

Computer Crimes Act (Law No. 71063)
  • Chapter 1 - Crimes against Confidentiality of Data and Computer and Telecommunication Systems
  • Chapter 2 - Crimes against Integrity and validity of Data and Computer and Telecommunication Systems
26 May 2009
Computer Misuse and Cybercrime Act 2003 (Act No. 22 of 2003)

Specifies as offences unauthorised access to computer data, unauthorised access to and interception of computer service, unlawful possession of devices and data, etc.

30 July 2003
Views on International Law

Official sources designed to outline State positions towards application of international law to cyberspace.

Declaration of General Staff of the Armed Forces of the Islamic Republic of Iran Regarding International Law Applicable to the Cyberspace
General Staff of Iran's Armed Forces
  • This declaration includes four articles and was released by the General Staff of Iran’s Armed Forces;
  • The general points include:
    • International law applicable to cyberspace shall be a just distributer of benefits and advantages of peaceful cyberspace and involved “access” and “equitable sovereignty” for all states;
    • Emphasizes the obligation of all States to act responsibly within the cyberspace domain, stressing that States have common but different responsibilities because of resources and technologies available for each state;
    • The prohibition against the use of force and act of aggression may apply to the use of cyberspace.
July 2020
Cooperation

Relevant Multilateral Agreements, UN Processes, Bilateral and Multilateral Cooperation, Select Activities, and Membership.

UN Processes

Key dialogues and policy processes related to cyber policy matters, under the United Nations framework.

Expressed views to the Annual Report of the UN Secretary-General on Developments in the Field of Information and Telecommunications in the Context of International Security
2013
Expressed Views at the Open-Ended Working Group on Developments in the Field of Information and Telecommunications in the Context of International Security
2019/2020/2021
Bilateral and Multilateral Cooperation

Legally binding and non-legally binding agreements, dialogues, exercises, etc., related to cyber policy matters that the State has entered into with another State and/or States.

Information Security Agreement, Iran-Russia
Foreign Minister
  • The information security agreement coordinates efforts between Iran and Russia against cyber-related crimes.
January 2021
Discussions, Armenia-Iran
Ministry of Communications and Information Technologies
  • Discussions on new perspectives and opportunities of cooperation in a number of fields, including information technologies and cyber security;
  • Discussions on the Armenian project of establishing a regional "Data center".
13 October 2017
Agreement on cooperation, Iran-South Africa
Minister of Communications and Information Technology (CIT) Mahmoud Vaezi
Investment in ICT, satellitles, e-commerce, cyber-security
27 September 2017
Agreement on cooperation, Iran-Thailand
Minister of Communications and Information Technology (CIT) Mahmoud Vaezi
Collaboration in IT, software, hardware, and cybersecurity
9 August 2017
Cybersecurity Alliance for Mutual Progress - CAMP Initiative, Member
Iran National CERT/CC (MAHER)
Network platform to lift up the overall level of cybersecurity of members through development experiences and trends sharing.
11 July 2016
Cooperation, Uganda-Iran
Commander in Chief, Police
Cooperation between the two police institutions to increase cooperation in security, including in cybercrime and ICT.
15 October 2014

This interactive map is for illustration purposes only. The boundaries and designations shown do not imply official endorsement by the UNIDIR. For a more accurate and up-to-date world map, please consult the UN Geospatial Information Section website.