Publication

This Hotspot Analysis examines state-sponsored cyber-activities regarding Iran. It outlines that Iran uses cyberspace to surveil dissidents and control information within the country. On the international level, Iran considers cyber-operations to form a part of its asymmetrical warfare against the US and its allies, providing a way to harass adversaries with limited risks of retaliation. However, Iran’s scarce resources limit its cyber-operations, leading the country to focus on easier targets. Iranian cyber-activities also appear to follow international events. For instance, Iranian cyberattacks against the US decreased following the signing of the Joint Comprehensive Plan of Action, but increased after President Trump’s withdrawal from the agreement. The discovery of the US-Israeli developed Stuxnet in 2010 demonstrates how Iran is on the receiving end of cyberattacks. However, the lack of information on cyber-incidents within Iran curtails effective assessments of such attacks.