President Biden pledged to expand cyber cooperation with Israel and Saudi Arabia during his trip to the Middle East last week, a move experts see as a direct response to the growing digital threat from the Iran.
The United States and Saudi Arabia have signed bilateral agreements strengthen their cybersecurity partnership and share information related to cyber threats and malicious actors, while Israel and the United States pledged to intensify its collaboration to combat cybercrime.
“In either case, we have to recognize that Iran is the primary driver of much of what happened on Biden’s journey, and that extends to cyberspace as well,” Jason Blessing said. researcher at the American Enterprise Institute.
Blessing said the common enemy of Iran offers the United States a window to forge stronger alliances between the two Middle Eastern countries, which have held secret talks to eventually establish official relations.
“I would say that the number one geostrategic priority [for the U.S.] puts both countries on the same page when it comes to Iran,” Blessing said.
And Iran is a formidable enemy in cyberspace.
Although not yet at Israel’s level, Iran has proven capable of launching all types of cyberattacks, ranging from website defacement and distributed denial of service attacks to ransomware and cyber espionage. .
In June, the FBI said it foiled a cyberattack last summer that aimed to disrupt Boston Children’s Hospital’s network. FBI Director Christopher Wray blamed Iranian-backed hackers for the attempted attack, calling it “one of the most despicable cyberattacks” he had ever seen.
Iran has also been accused of carrying out cyber espionage operations against Western media. A report released last week by cybersecurity firm Proofpoint details how state-sponsored hackers from several countries, including Iran, routinely spied on US-based journalists to gain access to sensitive information.
In Iran in particular, researchers have found hackers posing as journalists to gain access to their networks and contact sources with expertise in foreign policy in the Middle East.
Last year, Proofpoint researchers discovered that an Iranian hacking group was targeting two dozen medical professionals in the United States and Israel with phishing emails in an attempt to obtain information from personal account identification.
Israel, in response to the growing threat from Iran, announced in June that it plans to build a “cyber dome”, a national defense system intended to fight against digital attacks.
“Iran has become our main rival in the field of cyber,” said the head of Israel’s National Cyber Directorate, Gaby Portnoy, at a conference in Tel Aviv. “We see them, we know how they work, and we’re there.”
Portnoy added that Israel “cannot fight cyberaggression alone,” adding that his country must engage with various partners at home and abroad, including the private sector and academia.
James Lewis, senior vice president and director of the strategic technologies program at the Center for Strategic and International Studies, said the Saudis’ computing capabilities are not as sophisticated as Israel and Iran.
“The Saudis have worked to improve their [cyber] capabilities for a long time, but the pace of progress has been slow,” Lewis said. “If you look at the Middle East, Israel and Iran are the major cyber powers.”
Still, boosting cyber cooperation in the region is part of a larger US strategy to counter Iran.
“The United States promotes alliances around the world, and cyber is a crucial part of those alliances,” Lewis said. “Iran is one of the top cyber threats…so finding ways to fend off Iran is in the interests of all three.”
However, Israel and Saudi Arabia bring baggage to the cyber deals.
Blessing of the American Enterprise Institute said the Saudis would likely use cyber as a domestic surveillance tool to spy on dissidents, human rights activists, journalists and political opponents. And Israel’s NSO Group has been a leading provider of invasive surveillance tools used by governments like Saudi Arabia to do just that.
Blessing said he was disappointed that Biden did not mention the use of spyware on his trip, especially given Israel’s global role as a leading developer and distributor of malware.
“The fact that spyware was off the agenda shows that the administration lacks a positive agenda to assert U.S. interests and values in the digital space,” he said. Blessing.
US-based defense contractor L3Harris reportedly ended its bid to buy hacking tools from NSO Group last week, following concerns raised by the Biden administration last month that acquiring the spyware “would pose a serious counterintelligence and security risk to US personnel and systems.” ”
The concerns also prompted the Commerce Department in November to add NSO Group to its entity list, blacklisting the Israeli company and limiting its ability to use American technology.
Yet the issue was not mentioned publicly during Biden’s visit last week, despite the United States saying human rights are at the heart of its foreign policy.
“For the administration, spyware appears to be a lower priority than any initiative to counter Iranian influence and political presence,” Blessing said.