A recent Russia-Iran cybersecurity pact calls for broad collaboration between the two U.S. adversaries and presents a slate of challenges for the United States and allies on issues ranging from the conduct of cyber operations to setting global norms of conduct in cyberspace, according to the Foundation for Defense of Democracies.
“Calling the deal ‘a milestone’ in Russian-Iranian cyber cooperation, Iran’s Foreign Ministry said that the agreement envisions ‘international cooperation including detection of cyber intrusions and coordination … to ensure national and international security.’ This statement suggests that Moscow and Tehran may share intelligence about U.S. cyber operations, posing new challenges for U.S. Cyber Command as it seeks to ‘defend forward’ against foreign cyber threats. Moreover, stronger Iranian defenses may complicate America’s ability to use cyber operations to respond to Iranian aggression as the Trump administration reportedly did,” according to an FDD report released last week.
The report was written by FDD research manager John Hardie and Annie Fixler, deputy director of the group’s Center on Cyber and Technology Innovation. Mark Montgomery, a leader of the Cyberspace Solarium Commission, is senior director of the CCTI, which is chaired by Samantha Ravich, also a member of the Solarium Commission.
According to the report, “Andrei Krutskikhs, Moscow’s lead diplomat on information security, elaborated that the agreement stipulates broad cybersecurity cooperation, including coordination of actions, exchange of technologies, training of specialists, and coordination at the United Nations and other international organizations.”
Further, “Under the new agreement, Tehran stated, the two countries will cooperate against ‘crimes committed with the use of’ ICT, which these authoritarian regimes define as including political dissent.”
It says, “Tehran will also likely seek insights -- and potentially technology -- from Russia as both nations seek to reduce their dependence on Western technology.”
The report says Iran backs Russia’s “ongoing push” at the United Nations and in other venues for “authoritarian rules and norms of state control of the internet.”
“To counter authoritarian corruption of internet norms and to cooperate with allies and partners to hold malicious hackers accountable, ‘well-resourced and persistent diplomatic efforts’ are essential, as the congressionally mandated Cyberspace Solarium Commission observed in its March 2020 report. During his confirmation hearing, Secretary of Defense Lloyd Austin commented that from the Pentagon’s perspective ‘it is absolutely important that the State Department be resourced adequately.’ Indeed, U.S. Cyber Command chief Gen. Paul Nakasone has noted that U.S. cyber ‘capabilities are meant to complement, not replace’ diplomacy and other tools of U.S. statecraft,” the report says.
However, State Department efforts have fallen short, the report says, citing a recent Government Accountability Office report and criticism from Capitol Hill.
“Given this assessment as well as the expanding cooperation among U.S. adversaries, the Biden administration and Congress should work together to better resource and organize the State Department to defend U.S. values and interests in cyberspace,” the report says. -- Charlie Mitchell (firstname.lastname@example.org)