Iran's Cyber Capabilities

Published April 17, 2026
By US Cyber Command
US Cyber Command

TOPIC SPONSOR: US Cyber Command

What are Iranian cyber tactics, techniques, and procedures? What are the trends in Iranian cyber operations? How does Iran use commercial entities to enable cyber operations? How reliant is Iran on foreign technologies for the development and procurement of cyberspace capabilities?

Evans, Capt. Stephanie, "Exploiting the Alliance: Identifying Methods for the U.S. to Counteract the Advantages of the Russia-Iran International Partnership," AFGC thesis, 2025, 37 pgs.
- Evans highlights that Iran’s cyber tactics heavily rely on recruiting non-government proxy groups to execute attacks, which provides the Iranian government with plausible deniability. Their procedures often focus on targeting critical civilian infrastructure and public health sectors, such as water facilities, pharmaceutical manufacturers, and children's hospitals. A key technique is the strategic timing of these attacks; for example, Iran launched a major malware attack against a Saudi oil company during a religious holiday to ensure minimal staffing, thereby maximizing the malware's success.

Iran Guard