ANALYSIS/OPINION:
Iran[1]’s nuclear ambitions have been much in the news — and rightly so. The rogue state’s propensity to meddle violently in its neighbors’ affairs make the prospect of a nuclear Iran[2] frightening, indeed.
But the international community’s focus on the mullahs’ nuclear and missile programs has left Iran[3]’s cyberwarfare somewhat ignored. That must change.
Iran[4]’s offensive cybercapabilities pose a significant, long-term threat to the U.S. and its allies. Already Iran[5] has carried out highly damaging cyberattacks against us and other nations.
Such attacks can be expected to increase in both frequency and the damage done, as Iran[6] continues to expand its cyberwar program.
Since 2011, Iran[7] has invested $1 billion in cybertechnology, infrastructure and expertise. In 2012, the Iranian Revolutionary Guard Corps claimed to be training over 120,000 individuals for advanced cyberwarfare. That same year, Iranian Supreme Leader Ayatollah Khamenei created the Supreme Council of Cyberspace — its mission: to oversee the “defense of the Islamic Republic’s computer networks and develop new ways of infiltrating or attacking the computer networks of its enemies.”
Some of the most devastating cyberattacks, thought to have originated in Russia or China, actually came from Iranian hackers.
Professionals have detected Iranian hackers targeting networks of defense contractors, aviation firms, and oil and gas companies. The U.S. government linked a sizable cyberattack on the U.S. banking system to Iran[8] in 2013. More recently, the U.S. Department of Justice indicted nine members of the IRGC for attempting to penetrate and steal more than $3 billion in intellectual property from over 300 American and foreign universities.
Similar attacks have been leveled at U.S. allies. A 2016 cyberattack on Saudi Aramco, arguably the most valuable company in the world, erased important data on more than 30,000 hard drives. In 2017, the United Kingdom blamed Iran[9] for hacking the email accounts of dozens of members of Parliament....
The Iranian cyberthreat also extends to its own citizens. The regime heavily regulates the information its citizens can access on the internet, while using the web to attack its domestic critics. Meanwhile, it digitally surveils human-rights defenders, perceived enemies of the state and even its own agencies.The Iranian government publicly boasts about its cybercapabilities, while simultaneously denying all accusations of cyberwarfare. Certainly, their capabilities have become increasingly sophisticated over the years. Experts note that Iranian hackers steal more intellectual property than any country but China.Iranian hackers are also more difficult to track — largely because Iran[10] uses proxies when carrying out attacks. These intermediaries often disappear immediately following an attack.The United States has begun pushing back on Iran[11]’s cyberattacks but still could do more. Countering the cyberthreat will require a national grand strategy for cybersecurity. Currently, we have none. This puts us on the defensive, responding to attacks as they