“The Islamic Republic of Iran and China are standing in a united front,” claimed Iran’s ICT Minister Mohammad Javad Azari Jahromi last week, “to confront U.S. unilateralism and hegemony in the field of IT.” For confront read “offensive actions,” and for IT read “cyber.”
Jahromi followed this with similar comments in Beijing a few days later, when he met his opposite number Miao Wei. The ministers discussed “common challenges” in the face of “U.S. unilateralism,” of which Jahromi said, “we are facing similar challenges, so we need to find common solutions.” The Iranian minister accused the U.S. of “spreading its hegemony on new strategic technologies such as artificial intelligence,” and criticized Washington’s actions against Huawei and ZTE.
Miao Wei reportedly stressed that cooperation between the two countries would help tackle “such threats and pressures.”
According to Iran’s state media, the ministers “discussed ways to boost cooperation in the field of information technology and countering threats in cyberspace—and agreed to establish a joint workgroup to survey and counter those threats.”
In May, Chinese Foreign Minister Wang Yi told the media after meeting his Iranian counterpart Mohammad Javad Zarif, that “China is strongly opposed to U.S. unilateral sanctions and its prejudgments. China understands Iran’s conditions and concerns and safeguards its legitimate interests.”
Although some of the language can be interpreted as referencing mainstream, non-military IT interests, the context is entirely cybersecurity related and comes as tensions continue to intensify and the cyber domain becomes ever more important.
Putting any theoretical risk from North Korea—handshakes included—to one side, the greatest threats to the security of the U.S. and its allies come from Russia, China and Iran. The same is true when it comes to cybersecurity—China and Russia have long been the world’s greatest villains, but Iran fancies a seat at that table.
From a military perspective, there are clear links. Russia supplies weapons and proxy sponsorship to the Middle East, and China is now reportedlyeyeing a more significant military role in the region. China and Russia have also both blamed the U.S. for its escalating tensions with Iran.
Meanwhile, the continued integration of cyber and conventional warfare has been thrust into the headlines this year, also in the Middle East. Israel launched a missile strike to retaliate for an offensive cyber strike, while the U.S. did the opposite, responding to Teheran’s downing of a surveillance drone with a cyber strike against the country’s missile control systems.
In the conventional domain, spillover from the battlefield into the real world comes in the form of insurgency and terrorism. It is difficult to plan and execute and it usually fails. In the cyber domain, attacks can be mounted on soft targets worldwide with relative ease. Iran is learning this fast.
The warning issued by U.S. Cyber Command in the wake of its strike on Iran was to Outlook users that a (likely) Iranian hack was targeting millions of unpatched systems. Iran doesn’t need to counter hard targets to hit back.
Last month, the Cybersecurity and Infrastructure Security Agency (CISA) within the DHS issued a blanket warning about a”recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies… using destructive ‘wiper’ attacks, looking to do much more than just steal data and money.”
CISA warned that “these efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.”
Also last month, the National Security Agency confirmed that “there have been serious issues with malicious Iranian cyber actions in the past. In these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defenses are in place.”
And it’s not just the U.S. The U.K. blamed Iran for a concerted cyber attack last December on major government and commercial organizations.
Iran’s ability to retaliate against the U.S. government is limited, but Teheran has proven to be ultimate pragmatists when it comes to finding ways to tackle the threat of the U.S. Lining up China’s cyber support would certainly fit that bill.
Offensive cyber capabilities have long been the most sensitive and nationalistic of government activities, clouded in secrecy and deniability. If Iran finds Beijing open for business, beyond rhetoric and public support, and can genuinely tap into China’s expertise to become the ultimate cyber proxy against the U.S., the dynamics of that particular conflict will change significantly.