25 Aug 16. While China and Russia have built up a robust profile in cyberspace, many are warning against Iran’s growing capabilities and behavior. Iran is one of the five evolving strategic challenges facing the U.S., along with Russia and China, North Korea and terrorism, according to Defense Secretary Ash Carter. Iran’s malicious activity in the physical world — such as its pursuit for nuclear weapons, its testing of ballistic missiles and its support for proxies in the Middle East that have claimed the lives of American service members — has long made the Islamic Republic a threat. Iran has also been bolstering its cyber capabilities and activity to serve its interests.
In a July report published by the Washington Institute for Near East Policy titled “Iran’s Lengthening Cyber Shadow,” the report’s author and fellow at the Washington Institute, Michael Eisenstadt, offers three points that explain Iran’s growing interest in cyber. It fits well with Iran’s strategic culture given cyberspace’s inherent ambiguity and standoff; the lack of international cyber norms provides Iran with a “margin for maneuver” in cyberspace; and given the lack of norms, Iran hopes to shape the international framework so its cyberspying and offensive cyber operations become tolerated, similar to its support for proxies considered by many to be terrorist organizations.
“Iran believes that domestic and foreign threats form a seamless web, and that the domestic opposition is inspired by foreign cultural influences and enabled by foreign powers that seek to bring down the Islamic Republic,” Eisenstadt explained. “It likewise believes that Western popular culture has a morally corrosive impact on Iranian youth, and that U.S. soft warfare aims to alienate Iran’s youth from the ideology of the revolution, undermine popular support for the regime, and sap the social cohesion of the Islamic Republic. It sees both as existential threats to the Islamic Republic.”
For Iran, cyber also represents that existential threat — and provides an exceptional opportunity.
“This is why Tehran is investing so much effort in developing its cyber capabilities: to deter both cyber and traditional military challenges, to wage its own version of soft warfare while its proxy and conventional military forces are kept in reserve, and to be able to strike its enemies globally, instantaneously, and on a sustained basis—something it cannot do in the physical domain,” he noted.
According to the Soufan Group, a security consultancy firm, the joint U.S.-Israeli cyberattack on Iran’s nuclear infrastructure by way of the Stuxnet virus added to the “Iranian government’s sense of urgency for developing its cyber capabilities.” Additionally, “[t]he extensive use of social media by participants in the 2009 ‘Green Movement’ uprising in Iran convinced the regime it needed additional capabilities to control and monitor the public’s use of the Internet,” the Soufan Group concluded, noting “Iran’s security apparatus has developed advanced cyber capabilities that can be adapted to different missions.”
From a U.S. threat perspective however, Iran, while thought to be on the rise in terms of capability, is still considered to be a lower-tiered threat compared to Russia and China.
“The states that we watch most closely in cyberspace remain Russia, China, Iran and North Korea. Russia and China are both very capable cyber operators, while Iran and North Korea represent lesser, but still significant, challenges to U.S. interests,” read the joint statement of several top Defense Department cyber officials for a June House Armed Services Committee hearing.
The chief of Cyber Command has also provided a similar assessment.
“Iran and North Korea represent lesser but still serious challenges to U.S. interests. Although both states have been more restrained in this last year in terms of cyber activity directed against us, they remain quite active and are steadily improving their