Iranian hacks into the social media accounts of U.S. State Department officials are the latest signal from Tehran that it is not looking to turn the page on its embattled relationship with Washington. They also reflect the diversification underway in Iranian cyberwarfare tactics, which in recent years have expanded from denial and disruption attacks against mostly private sector targets in the U.S. and allied countries, to include intelligence gathering. The recent hacks targeted U.S. officials who work on Iran policy, presumably to penetrate their networks of contacts for further intelligence exploitation.
Tehran has long sought to advance its foreign policy objectives using asymmetric tactics, which compensate for its conventional weakness. For example, it funds and supports proxy fighters in Syria, Iraq, and Yemen instead of sending conventional troops. It perpetrates targeted assassinations against enemy countries, such as the failed attempt against the Saudi ambassador to Washington in 2011. Viewed through this lens, cyberwarfare fits neatly into Tehran’s existing arsenal. With relatively few resources, Iranian hackers can inflict damage on more powerful adversaries from afar. As with its proxy fighters, hacking provides Iran with a degree of deniability that helps to minimize the risk of escalation, and Tehran modulates the pace of its cyber attacks depending on the political climate. It has been widely reported that attacks ceased during sensitive nuclear negotiations with the West but have resumed now that the deal is finalized.
Access all of The Cipher Brief’s national security-focused expert insight by becoming a Cipher Brief Subscriber+ Member.
Sign Up Log In