Iran’s Continuously Evolving Cyber Capability

Exponential Growth in Budget and Resources

In the absence of a new nuclear agreement with the US, Iran may well direct its developing cyber capability against American interests, according to Israeli experts observing Tehran’s enhancement of its cyber attack competence, based, to a degree, on Chinese technology.

Israel’s cyber authority is solely a coordinating body, charged with delivering warnings to bodies potentially targeted by cyber attacks. Speaking anonymously, a senior cyber expert told MON that – unsurprisingly – Israeli critical infrastructure is a priority target for Iranian cyber efforts. “Iran has a very active cyber attack force, and it poses a very big danger to Israel.”

According to Israel’s Institute for National Security Studies (INSS), Iran’s cyber ability is a weapon in the strategic struggle it wages on several fronts against its principal enemies – the US, Israel and Saudi Arabia. An INSS paper, written by David Siman-Tov and Shmuel Even, suggests that Iran sees cyber attacks not as alternatives to ‘kinetic’ action but, rather, as added capability. “For instance, relatively high-quality attacks against the Saudi Aramco oil company have been attributed to Iran. These facilities are part of the source of the kingdom’s wealth as an important oil provider to the global economy that helped the United States cover the shortage of Iranian oil as a result of the sanctions imposed on Iran. In December 2012, Iran carried out a broad cyberattack against Aramco that damaged about 30,000 of the company’s computers. In September 2019, Iran surprised the world with precision kinetic attacks on the company’s facilities, using drones and cruise missiles. Tehran did not claim responsibility in either case.”

A perspective paper written for the Begin-Sadat Center by Mansour Piroti, based in Iraqi Kurdistan, says that Iran’s cyber transformation was initiated by a 2012 decree from Supreme Leader Ali Khamenei that established the Supreme Council of Cyberspace, tasked with creating a strategy and a blueprint for information control at home and intelligence-gathering abroad. To achieve these goals, the Council established a sophisticated, multi-layered cyber operations bureaucracy. Within three years, Iran’s budget for cyber development had increased by 1,200%.

In the decade since the establishment of the Council, Iran is believed to have been responsible for a wide range of cyber operations around the world. Industry pillars of the region’s economy, academics, and defense companies have been targeted in these attacks. Aramco and RasGas, the Saudi and Qatari petroleum companies, have both been frequent victims. In 2013, Iranian hackers penetrated the flood control system of the Bowman Avenue Dam in Rye Brook, NY, and the same group of hackers was implicated in separate attacks on three US financial firms. In 2014, regime-linked proxies hit the Sands Casino in Las Vegas with destructive malware.

These attacks, according to Piroti, were designed to gather detailed information, not affect operations. The information was meant to be used against the victims should diplomatic relations change.

Arie Egozi in Tel Aviv for MON

An Israeli cyber defence operative at work. (Photo: IDF)

Publish date

10/10/2021
