By Majid Rafizadeh
December 4, 2018
Iran’s expansionist policies have attracted significant attention from some media outlets, politicians and scholars. The regime’s military adventurism in the region has been mainly carried out by the senior cadre of the Islamic Revolutionary Guard Corps (IRGC), its elite branch the Quds Force and Tehran’s proxies, militias and terrors groups across the Middle East.
However, Iran’s cyberwarfare program and its direct and indirect implications on global security and other national interests have received less media and scholarly attention.
The cyberwarfare program, initiated in 2012, is run by the Supreme Council of Cyberspace, which was formed by an order from Iran’s Supreme Leader, Ali Khamenei. The council, which devises and forms policies regarding cyber activities, has become an indispensable pillar of the IRGC and Iran’s foreign policies.
The latest developments reveal that the Islamic Republic’s cyber capacity has considerably advanced since the council’s establishment. In fact, Iran is the fourth-largest “cyber power” in the world, according to an IRGC official. Even major Israeli think tanks have acknowledged the Islamic Republic as a major player. For example, the Institute for National Security Studies stated: “The IRGC clearly makes the country one of the best and most advanced nations when it comes to cyberwarfare. In a case of escalation between Iran and the West, Iran will likely aim to launch a cyberattack against critical infrastructures in the US and its allies, including energy infrastructure, financial institutions, transportation systems, and others.”
But, instead of employing such advances to lead technological breakthroughs and improve the lives of its citizens, the regime has been exploiting the program to launch cyberattacks and carry out cyberespionage in an attempt to inflict damage on other countries’ financial, security and political infrastructures.
Last week, two people based in Iran were accused of being behind a series of cyberattacks in the US, which included crippling the city of Atlanta’s government by targeting its hospitals, schools, state agencies and other institutions. Data from these major institutions was held hostage in exchange for ransom payments. According to Brian Benczkowski, the head of the criminal division of the Justice Department, the individuals “deliberately engaged in an extreme form of 21st-century digital blackmail, attacking and extorting vulnerable victims like hospitals and schools — victims they knew would be willing and able to pay.”
The Iranian regime has previously been found responsible for carrying out cyberattacks against the US and other nations. For example, US banking systems were attacked at an unprecedented level and the online banking sites of institutions such as Bank of America, JPMorgan Chase, Wells Fargo and Citigroup were impacted. US officials stated that the level of sophistication involved pointed to the Iranian government.
Recently, the Justice Department also indicted seven Iranian citizens for distributed denial of service attacks against 46 companies mainly in the banking and financial sector. In addition, US intelligence pointed out that the Islamic Republic was behind the “Shamoon” virus, which targeted the computers of Saudi Arabia’s Aramco oil corporation.
Iranian leaders are cognizant of the fact that carrying out cyberattacks is less costly than getting engaged in direct military confrontations with its rivals. In addition, the regime’s military capabilities are mostly inferior to those of its “enemies.” As Abdollah Araqi, IRGC deputy commander of ground forces, pointed out, according to the Iranian Students’ News Agency: “We have armed ourselves with new tools because a cyber war is more dangerous than a physical war.”
As a result, from the perspective of the Iranian leaders, the alternative to a physical war is a virtual one that either provides the benefit of anonymity or makes it extremely difficult to hold them accountable. As US Director of National Intelligence Dan Coats indicated last year: “Tehran continues to leverage cyberespionage, propaganda and attacks to support its security priorities, influence events and foreign perceptions, and counter threats — including against US allies in the region. Iran has also used its cyber capabilities directly against the US.”
It is also important to point out that Iran will more than likely attempt to export its cyberwarfare capabilities to its proxies, militia groups and allies. This could have severe repercussions on other nations’ national security interests and financial infrastructures.
Finally, Iran’s cyberwarfare program has become a matter of national security for the regime as it helps the ruling mullahs in achieving their foreign policy objectives and regional hegemonic ambitions. The Islamic Republic’s cyberwarfare capabilities are advancing at a pace that needs to be addressed by regional and global powers. The regime has shown that it will not hesitate to attack rival countries through cyber platforms and inflict significant damage on ordinary people, as well as governmental, private and public institutions.
It is incumbent on the international community to act swiftly and hold the Iranian regime accountable for its cyberattacks against other governments and their citizens.