Report: Iran’s Cyber Capabilities

August 5, 2016

“Cyber is emerging as Tehran’s weapon of choice for dealing with domestic opponents and foreign adversaries,” according to Michael Eisenstadt of The Washington Institute for Near East Policy. In a new paper, he outlined Iran’s growing interest in cyber, its abilities, and strategic logic. The following are excerpts.


Iran’s Lengthening Cyber Shadow

What explains Iran’s growing interest in cyber? First, it fits well with elements of its strategic culture: a preference for ambiguity, standoff, and indirection when conducting potentially high-risk activities—enabling it to better manage this risk. Second, international cyber norms remain inchoate, providing Iran with margin for maneuver in this domain. Third, Iran hopes to shape these emerging cyber norms, so that its cyberspying and offensive cyber operations become a tolerated form of behavior, much as its use of terrorism is tolerated by many members of the international community. Iran also uses cyber to demonstrate U.S. impotence in the face of Tehran’s defiance of Washington—recalling Ayatollah Ruhollah Khomeini’s slogan during the 1979–80 embassy hostage crisis that “the United States cannot do a damn thing.”

While nuclear technology has been around for more than half a century and is a status symbol of the old international order, cyber is cutting-edge and a harbinger of the future; it is important for Iran to demonstrate mastery of both forms of high-tech Great Power achievement. Thus, Iran’s cyber activities support the regime’s narrative that the Islamic Republic is an emerging scientific and technological force1 whose cyber achievements are second only to cyber superpowers Russia, China, and the United States. Indeed, Iran is blessed with world-class human capital in the science, technology, engineering, and math (STEM) disciplines. Its best universities turn out large numbers of first-rate students who have repeatedly placed high in recent informatics and other STEM olympiads. Its main problem is holding on to this talent; political and economic conditions at home and tempting opportunities abroad often cause graduates to seek employment overseas.

Finally, in the wake of the nuclear deal between the P5+1/EU and Iran, the latter has been testing to see what kind of activities it can get away with without jeopardizing sanctions relief and foreign investment. It has continued with the covert procurement of technology for its missile and nuclear programs, reckless naval posturing in the Persian Gulf, provocative missile launch exercises, and arms transfers to proxies and allies in Syria and Yemen9 in violation of the spirit, if not the word, of the nuclear accord and UN Security Council Resolution 2231. Cyber may provide Iran with an additional means of asserting itself, pushing back, and intimidating others that the United States and its allies might find difficult to effectively counter.

Cyber Operations and Iran’s National Security Concept

In the past decade, Iran’s cyber toolkit has evolved from a low-tech means of lashing out at its enemies to a pillar of its national security concept. In fact, cyber may be emerging as a fourth leg of Iran’s current deterrent/warfighting triad. This triad currently consists of the ability to

  • disrupt maritime traffic passing through the Strait of Hormuz;
  • conduct unilateral and proxy terrorist attacks on several continents; and
  • launch long-range missile and rocket strikes against targets throughout the region.

Iran believes that domestic and foreign threats form a seamless web, and that the domestic opposition is inspired by foreign cultural influences and enabled by foreign powers that seek to bring down the Islamic Republic. It likewise believes that Western popular culture has a morally corrosive impact on Iranian youth, and that U.S. soft warfare aims to alienate Iran’s youth from the ideology of the revolution, undermine popular support for the regime, and sap the social cohesion of the Islamic Republic. It sees both as existential threats to the Islamic Republic.

Thus, for Tehran, cyber represents both an existential threat and an exceptional opportunity. Tehran believes that cyber enables its domestic opponents to organize, and its foreign enemies to undermine the regime through soft warfare. But it also provides the regime with unprecedented means to control the country’s population, to defend itself from both domestic and external cyber, military, and other threats, and to strike at its enemies.

Click here for the full text.


Michael Eisenstadt is Kahn Fellow and Director of the Military and Security Studies Program at The Washington Institute for Near East Policy.

Click here to read his chapter on Iran-Iraq relations.