February 27, 2020 | CTC Sentinel

The Cyber Threat from Iran after the Death of Soleimani

February 27, 2020 | CTC Sentinel

The Cyber Threat from Iran after the Death of Soleimani

Excerpt

Tensions between the United States and Iran have been escalating since the Trump administration came into office in January 20171 and withdrew from—and in November 2018 began reimposing sanctions lifted pursuant to—the 2015 nuclear agreement, formally known as the Joint Comprehensive Plan of Action (JCPOA).2 Washington has further escalated sanctions since then, and Iran has responded with violence and destabilizing activities across multiple domains.3 In total, U.S. sanctions have cost Iran $200 billion in investment and oil revenue, according to President Hassan Rouhani.4 Inflation is rampant,5 foreign exchange reserves are rapidly shrinking, and the country has entered a deep recession.6

In response, the regime and its Islamic Revolutionary Guard Corps (IRGC) have harassed and even bombed vessels traveling through the Persian Gulf,7 and downed a U.S. drone in international airspace.8 State-backed hackers have, among other things, increased targeted phishing attempts against private industry in the United States and around the world9 and against journalists and activists.10  Tehran also stands accused of launching drone and missile attacks on Saudi oil giant Saudi Aramco.

While the Trump administration reportedly launched cyberattacks on Iran following the downing of the U.S. drone,11 the president ordered but then canceled military strikes minutes before their execution.12 After the Aramco attack, the Trump administration reportedly again used exclusively U.S. cyber tools, this time conducting an attack aimed at degrading Iran’s propaganda capabilities.13 As a result, the U.S. strike that killed General Qassem Soleimani, commander of the IRGC Quds Force, took the world by surprise.

Annie Fixler is the deputy director of FDD’s Center on Cyber and Technology Innovation, where she contributes to the cyber-enabled economic warfare project and the Transformative Cyber Innovation Lab. Follow Annie on Twitter @afixler.  

  1. Aki Peritz, “The Coming ISIS Jailbreak,” Foreign Affairs, October 23, 2019.
  2. Lorenzo Vidino and Bennett Clifford, “A Review of Transatlantic Best Practices for Countering Radicalisation in Prisons and Terrorist Recidivism,” Europol, July 12, 2019; “Handbook on the Management of Violent Extremist Prisoners and the Prevention of Radicalization to
    Violence in Prisons,” United Nations Office on Drugs and Crime, October 2016; “EU Terrorism Situation and Trend Report (TE-SAT) 2019,” Europol, June 27, 2019.
  3. “North East Syria: Al-Hol Camp,” United Nations Office for the Coordination of Humanitarian Affairs, January 13, 2020; Louisa Loveluck
    and Souad Mekhennet, “At a sprawling tent camp in Syria, ISIS women impose a brutal rule,” Washington Post, September 3, 2019.
  4. “Twenty-fifth report of the Analytical Support and Sanctions Monitoring Team concerning ISIL (Da’esh), Al-Qaida and associated individuals and entities,” United Nations, December 27, 2019.
  5. Ibid., pp. 3, 5.
  6. Vidino and Clifford.
  7. Trevor Cloen, Yelena Biberman, and Farhan Zahid, “Terrorist Prison
    Breaks,” Perspectives on Terrorism 12:1 (2018): pp. 59-68.
  8. Peritz.
  9. Ibid.
  10. See Ibid.; Ellen Ioanes, “Donald Trump’s abrupt withdrawal from Syria may allow ISIS to come back with a vengeance — using the group’s time-tested strategy,” Business Insider, October 10, 2019; Tim Arango and
    Eric Schmitt, “Escaped Inmates From Iraq Fuel Syrian Insurgency,” New York Times, February 12, 2014; and “Twenty-fifth report of the Analytical Support and Sanctions Monitoring Team,” p. 6.
  11. Craig Whiteside, Ian Rice, and Daniele Raineri, “Black Ops: Islamic State and Innovation in Irregular Warfare,” Studies in Conflict & Terrorism (2019).
  12. Bill Roggio, “Pakistani Taliban assault prison, free nearly 400 inmates,”
    FDD’s Long War Journal, April 15, 2012; Bill Roggio, “Pakistani Taliban assault prison, free hundreds of inmates,” FDD’s Long War Journal, July 30, 2013.
  13. “Prison break may cause problems in field: general,” CTV News, June 14, 2008.

Issues:

Cyber Cyber-Enabled Economic Warfare Iran Iran Global Threat Network Iran-backed Terrorism Military and Political Power Sanctions and Illicit Finance