This article was written by Jeremy Walker and originally published on Grey Dynamics.

The threat posed by Iranian cyber actors has been a growing concern for the past decade, yet people have yet to see the destructive capabilities these actors could produce. Iran can affect global infrastructure, drag out and disrupt a potential Middle East peace process, and continue implementing restrictions on Iranian citizens’ freedom of information. This ability can and will have consequences to the broader global community. This article will assess how the Iranian state organizes this often forgotten side of warfare, and how it uses the forces at its disposal.

Why Does Iran Need Asymmetric Capabilities?

Iran had to significantly invest in its asymmetric warfare capabilities to assert its influence in the Middle East. Since the creation of the Islamic Republic with the 1979 Revolution, Iran has seen the United States as its main threat. However, Iran always had to play catch up being financially much weaker than the U.S. (For comparison, in 2018 the U.S. spent $623 billion on defense, while Iran reportedly spent $13 billion.)

Iran’s move towards asymmetric capability began around the turn of the last decade. The 2009 Green revolution showed the Iranian leadership that it should take this side of asymmetric capabilities seriously. With the Stuxnet attack on the Iranian nuclear program discovered a year later and the threat posed from internal and external sources realized Iran found itself having to pivot its strategy to confront this danger.

Structural Hierarchy

The hierarchy of Iranian cyber actors is a tricky web to navigate.

The Supreme Leader, Ayatollah Ali Khamenei, has absolute control over the workings of government. President Hassan Rouhani only has paper authority over the Supreme National Security Councilwith the Supreme leader having final jurisdiction on security issues.

There is frequent overlap when it comes to the cyber capabilities of multiple organizations within the national security structure. In practice, the Islamic Revolutionary Guard Corps (IRGC) are independent and often refuse to be subordinate to any other organization outside of the office of the Supreme Leader.

The Ministry of Intelligence and Security and other organizations within the elected government, such as the Ministry of the Interior that runs the law enforcement organizations, also have their independent prerogatives when it comes to cyber operations. The lack of communication and the structural competition between the different entities often result in overlapping duties and conflicts for resources.