Why Should Donald Trump's Future Administration Respond to the Islamic Republic's Cyber Threats?

In recent years, hackers and cyber forces of the Islamic Republic have consistently attempted to threaten democracy in the West, particularly in the Middle East, United States, Israel, and Britain through cyber attacks and operations. Experience has shown that responses to Iran's cyber attacks have been delayed and limited to exposing the identities and images of those responsible for these attacks. This approach can only temporarily impede the regime's cyber activities since the consequences only affect individuals, and the regime can easily replace them with new operatives or change the names of their shell companies and front organizations.

The Islamic Republic's current cyber activities operate along three main axes. First: hacking activists and citizens within Iran. They collect information not only on political and social activists but on anyone they suspect might challenge the government in the future. This information, particularly gathered through Telegram, either leads to immediate arrests or is stored for future blackmail.

The second axis involves destructive attacks. Over the past year, the regime's Ministry of Intelligence has attempted to inflict serious damage to Israel's infrastructure through destructive cyber attacks. Although most of the regime's cyber attacks against Israel have focused on collecting and leaking information online, and their long-term program lacks specific political objectives, they instead seek to strike targets in the shortest possible time.

The third axis consists of extensive phishing operations targeting activists, journalists, Western and Middle Eastern governmental and non-governmental organizations, and media outlets. This information serves various purposes, such as attempting to damage Donald Trump's presidential campaign (the president-elect), or using archived emails and images of victims for future purposes. Notably, they have collected extensive information not only on Iranians but also on political figures in the West and Middle East, and by the time some of this information is exposed, it may be too late to hold the regime accountable.

As mentioned, merely issuing indictments against the regime's cyber forces is insufficient. Pressure must be applied in other directions, similar to America's action against the Alavi Foundation and its building in New York. We must not forget that most of these regime's cyber groups operate under the Islamic Revolutionary Guard Corps and the Ministry of Intelligence.

The appropriate approach is not limited to sanctioning associated individuals but must include economic pressure and asset seizure in America and allied countries, as they have crossed red lines and are conducting extensive cyber attacks against U.S. allies. Until reciprocal countermeasures and effective pressure mechanisms are employed against them, these destructive cyber operations against American targets and allies will continue.