Expect more Iranian Cyber Attacks as Sanctions Continue to Bite
Iran is at it again. According to the United States technology giant Microsoft, hackers linked to the Iranian government – a group Microsoft have named “Phosphorus” – are busy targeting the email of a U.S. presidential campaign, as well as various U.S. government officials, political journalists, and prominent expatriate Iranians. A spokesman for President Donald Trump’s re-election campaign said last week that no attempt had (as yet) been made on Trump’s email infrastructure.
It would of course be no surprise if Iranian hardliners were targeting President Trump’s re-election campaign. Mr. Trump’s “Maximum Pressure” approach to Iran, which includes widespread sanctioning and the listing of the Iranian Revolution Guard Corps (IRGC) as a terror group, is having an impact. The recent attack on oil facilities in Saudi Arabia and the detention of the British-flagged oil tanker Stena Impero indicate a regime under increasing levels of pressure.
The Iranian hardliners also have form when being squeezed. When former U.S. President Barack Obama signed the Joint Cooperation Plan of Action with Iranian President Hassan Rouhani in the summer of 2015, it presaged a wave of Iranian cyber-attacks that autumn.
As with the recent attack reported by Microsoft, the 2015 wave of Iranian cyber activity targeted U.S. government officials, prominent Iranian-American dual nationals, and journalists. The most famous case in the latter group was former Wall Street Journal Middle East correspondent Jay Solomon, who was sacked by the WSJ after the paper became aware of hacked material outlining a possible business arrangement between Solomon and Farhad Azima, an Iranian-American aviation executive and middleman who was one of Solomon’s key sources.
Interestingly, the proposed business deal between the two men – a deal Solomon denies having ever seriously considered – was reputedly a contract with the United Arab Emirates to conduct surveillance on Iran using Azima’s fleet of cargo aircraft. In his fascinating account of his complicated sourcing relationship with Azima in the Columbia Journalism Review – which involved repeated trips to Azima’s luxury yacht in the south of France – Solomon lays the blame for the leak of Azima’s information squarely at the feet of the Iranian regime, i.e. the frequent target of Solomon’s award-winning reporting. Azima’s long-rumored involvement in the Iran-Contra affair and other U.S. military contracts was also undoubtedly of interest to Iranian hardliners, allowing the Iranian regime to kill two critics with one (leaked) stone.
Interestingly, Azima is choosing to blame Ras al Khaimah (RAK), one of the smaller United Arab Emirates, for the hacking and release of his personal communications, although this could be because Azima is currently locked in a High Court dispute with RAKIA, the Emirate’s investment vehicle, over a financial settlement the Emirate says Azima negotiated fraudulently during the winding up of a joint venture. Azima filed suit in the District Court of the District of Columbia seeking damages from the Emirate for the hack, but has since had his case thrown out of the American courts. Undeterred, Azima has filed a similar claim in the United Kingdom. Just why a state would unleash a sophisticated cyber-attack on a single individual over a relatively minor commercial dispute – approximately $2.6 million – remains unexplained.
What’s indisputable is that the targeting of prominent Iranian-Americans gives the Iranians a significant point of leverage in international affairs, whether the regime is targeting rumoured CIA assets and influential U.S. political donors like Azima (who Solomon says was instrumental in elucidating the Iranian networks evading sanctions, according to his U.S. government contacts), journalists like the Washington Post’s Jason Rezaian, or businessmen like Siamak Namazi. The fragility of data networks and our complete reliance on mobile forms of communication mean there is an almost infinite ocean of pressure points waiting to be revealed.
And as Russia demonstrated with their interventions into the 2016 U.S. presidential election, even clear-cut proof of foreign involvement in U.S. domestic politics isn’t guaranteed to provoke bipartisan condemnation. The polarized moment our politics is currently experiencing means a domestic target will always be found to blame over a foreign one.
What is equally clear is that no advanced Western democracy is currently prepared for an onslaught from the likes of Iran, Russia, China, or North Korea, all of whom have made forays into cyber attacks and foreign interference. And with elections underway in Canada and an election soon to be run in the United Kingdom, G-7 nations cannot afford to be complacent.