In his recent testimony before the Senate Armed Services Committee, National Intelligence Director James Clapper named Russia, China and North Korea as the top threats to US cybersecurity.

But another key cyber adversary was left out – the Islamic Republic of Iran.

Ever since the Stuxnet worm damaged Iran’s nuclear program in 2010, the country has been on a tear to build up its own offensive cyber program. It’s now one of the most aggressive nations when it comes to launching certain types of cyber attacks:

  • 2012 – Saudi Aramco hit by wiper malware, 30,000 computers disabled
  • 2013 – Hackers breach New York dam
  • 2014 – Las Vegas Sands hit by a wiper malware attack

Iran is unique though, as a hacker nation, because it tends to rely more heavily than other countries do (ex: China) on decentralized, proxy groups to carry out its overseas attacks. In the government’s view, this gives it plausible deniability when attacks occur, but it also raises questions about how much control Iran’s government actually has over the hackers it is directly or indirectly supporting.