

Intelligence
The global strategy of computer hacking
Whoever operates on the Web and holds interesting or relevant data will sooner or later be hacked by some individual or organization.
Usually “economic” hackers take the data of interest from the victim’s network and resell it in the dark web, i.e. the system of websites that cannot be reached by normal search engines.
Currently, however, after the Bayonet operation of July 2017 in which many dark web areas were penetrated, we are witnessing a specialization of the dark web and an evolution of web espionage methods against companies and States.
These operations which, in the past, were carried out by web amateurs, such as youngsters at home, are currently carried out by structured and connected networks of professional hackers that develop long-term projects and often sell themselves to certain States or, sometimes, to some international crime organizations.
As often happens in these cases, the dark web was born from research in the military field. In fact, in the 1990s, the Department of Defense had developed a covert and encrypted network that could permanently protect the communications of the U.S. espionage “operatives” who worked abroad.
Later the secret network became a non-profit network that could be used for the usual “human rights” and for protecting privacy, the last religion of our decadence.
That old network of the State Department then intersected with the new TOR Network, which is the acronym of The Onion Router, the IT “onion” covering communication with different and often separable encryption systems.
TOR lives on the Internet edge and it acts as the basic technology for its dark web.
Like the “Commendatore” vis-à-vis Don Giovanni in Mozart’s opera.
TOR, however, is a free browser that can be easily downloaded from the Web.
Obviously, the more the anonymity of those who use TOR and go on the dark web is covered by effective encryption systems, the more unintentional signals are left when browsing the dark web.
Moreover, the farther you have to go, the more pebbles you need to go back, as in the Thumbelina fairy tale.
TOR and the Dark Web were born to allow the communications of U.S. secret agents, but were later downgraded to a “free” communication system to defend Web surfers from “authoritarian governments”. Currently the dark web hosts a wide underground market where drugs, stolen identities, child pornography, jihadist terrorism and all forms of illegal business are traded.
Moreover, if these dark web services are paid with uncontrollable cryptocurrencies, it is very difficult to track any kind of dark web operations.
Nowadays, about 65,000 URLs operate in the dark web, which means Internet websites and Universal Resource Locators that operate mainly via TOR.
A recent study by a cybersecurity company has shown that about 15% of all dark web URLs facilitate peer-to-peer communication between users and websites, usually by means of chat rooms or websites collecting images, pictures and photos, which are often steganographic means of transmitting hidden and concealed texts. They also serve for the exchange of real goods via specialized peer-to-peer trading websites, which are, as can easily be imagined, also encrypted.
Moreover, a further study conducted by a U.S. communication company specialized in web operations has shown that at least 50% of the dark websites are, in fact, legal.
This means they officially deal with things, people, data and pictures that, apparently, also apply to “regular” websites.
In other words, the dark websites have been created by means of a regular request to the national reference office of ICANN, which grants the domains and registers the permitted websites, thus communicating them to the Californian cooperative that owns the web “source codes”, although not in a monopolistic way.
Currently all the large web organizations have a dark “Commendatore” in the TOR area, such as Facebook, and the same holds true for almost all major U.S. newspapers, for some European magazines but also for some security agencies such as CIA.
Nevertheless, about 75% of the TOR websites listed by the above stated IT consultancy companies are specialized URLs for trading.
Many of these websites operate only with Bitcoins or with other types of cryptocurrencies.
Mainly illegal pharmaceuticals or drugs, items and even weapons are sold in the dark web. Said weapons are often advanced and not available in the visible and overt networks.
Some URLs also sell counterfeit documents and access keys for credit cards, or even bank credentials, which are real but for subjects other than those for whom they were issued.
In 2018 Bitcoin operations were carried out in the dark web to the tune of over 872 million US dollars. This amount will certainly exceed one billion US dollars in late 2019.
It should be recalled that the total amount of money “laundered” in the world accounts for almost 5% of the world GDP, equal to 4 trillion US dollars approximately.
Who invented the Bitcoin?
In 2011, the cryptocurrency was used for the first time as a term of trade only for drug traffickers operating in the dark web, mainly through a website called Silk Road.
The alias used for those exchanges was Satoshi Nakamoto; a person by that name was also filmed and interviewed, but was obviously someone else.
We should also recall web frauds or blackmails: for example, InFraud, a U.S. organization specialized in the collection, distribution and sale of stolen credit cards and other personal data.
Before being discovered, InFraud had illegally made a net gain of 530 million US dollars.
Another group of illegal operators, Fin7, also known as Carbanak, again based in the United States, has collected over a billion US dollars on the web and has put in crisis, by blackmailing them, some commercial organizations such as Saks Fifth Avenue and Chipotle, a widespread chain of burritos and other typical dishes of Mexican cuisine.
Obviously the introduction of new control and data processing technologies, ranging from 5G to biometric sensors, or of personal monitoring technologies, increases the criminal potential of the dark web.
Hence the dark web criminals will have an even larger mass of data from which to derive what they need.
The methods used will be the usual ones: phishing, i.e. the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details, or to deceive people into sharing it, by disguising oneself as a trustworthy entity in an electronic communication, possibly with a fake website; so-called “social engineering”, an online scam in which a third party pretends to be a company or an important individual in order to obtain the sensitive data and personal details of the potential victim in an apparently legal way; blackmail by e-mail; and finally the manipulation of credentials.
With a mass of additional data on their “customers”, the web criminals will be able to perfect their operations, thus making them quicker and more effective. Or the new web technologies will be able to accelerate the time needed for blackmail or compromise, thus allowing a greater number of frauds for more victims.
Biometrics certainly expands the time for the use of data in the hands of cybercriminals. Facial detection or genetic and health data are stable, not to mention the poor security of data held by hospitals. There is also the widespread dissemination of genetic research, which will provide even more sensitive data to web swindlers.
According to some recent analyses carried out by the specialized laboratories for the Web, 56% of the data most used by web criminals comes from the victims’ personal data, while 44% of the data used by swindlers comes from financial news.
Moreover, specific types of credit cards, sold by geographical area, commercial type and issuing bank, can be bought in the dark web.
85% of them are credit cards accredited for a bank ceiling, while 15% of “customers” ask for debit cards.
The web scammers, however, always prefer e-mail addresses even to passwords.
Furthermore, less than 25% of the 40,000 dark web files have a single title.
In the “dark” web there are over 44,000 manuals for e-frauds, available for sale and often sold at very low prices.
Large and sometimes famous companies are the ones mainly affected. In 2018 the following companies were the target of cyberattacks in the United States: Dixus, a mobile phone company from which 10 million files were stolen; the Cathay Pacific airline, with 9.4 million files removed; the Marriott hotel chain (500 million data/files removed); and finally Quora, a website of scientific documents and generic data, from which over 45 million files were removed.
How can we know whether we are the target of an attack from the Dark Web? There is certainly the presence of ransomware, such as the recent Phobos, which uses the Remote Desktop Protocol (RDP), which allows computers to be controlled remotely.
Then there is the Distributed Denial of Service (DDoS), which is a temporary block of the Web, apparently accidental, and finally there is the traditional malware, the “malicious” software that is used to disrupt the victims’ computer operations and collects the data present on their computers.
However, the Dark Web ambiguity between common crime and the defence of “human rights” and safe communications in “authoritarian regimes” always remains.
The United States, Iran, China and other countries have already created a “fourth army”, composed only of hackers, that operates with cyberattacks against the enemies’ defence and civilian networks.
The US Cyber Command, for example, is estimated to be composed of as many as 100,000 men and women, who operate 24 hours a day to hit enemy servers (and also allies’ ones, when they contain useful information).
Just think also of the private group Telecomix, which supported the 2011 Arab rebellions and, often, also the subsequent ones.
Also in these months both Telecomix and Anonymous are working to permit the free use of the Syrian computer network.
There is often an operative interface between these groups and the Intelligence Agencies, which often autonomously acquire data from private networks, which, however, soon become aware of the State operations.
There is also cyber-rebellion, which tries – often successfully – to strike at the victims’ stored data by deleting it.
DDoS, the most frequent type of attack, often uses a program called Low Orbit Ion Cannon (LOIC) which allows a large number of connections to be established simultaneously, thus leading to fast saturation of the enemy server.
The attacking computers can be used remotely and some groups of hackers use thousands of computers simultaneously, called “zombie machines”, to hit the database in which they are interested to delete it or to remove its files.
This type of “fourth army” can inflict greater damage on a target country than a conventional armed attack. The faster the attack, the easier it is to identify the origin of the operation.
It is currently estimated that the “zombie” computers in the world are over 250 million – a greater network than any other today present in the military, scientific and financial world.
Hence a very dangerous military threat to critical infrastructure or to the economic resources of any country, no matter how “advanced” it is technologically or in terms of military Defence.
There have been reports of hackers linked to global drug organizations, especially Mexican cartels, and to jihadist or fundamentalist terrorist groups.
Financial hacking, which often supports all these initiatives, remains fundamental.
The South Korean intelligence services’ operative Lim was found “suicidal” after having purchased a program from the Milanese Hacking Team.
A necessary tool for these operations is often a briefcase containing circuits which mimic the towers of cellular repeaters and store in the briefcase itself all the data which is transferred via cetel or via the Internet Network.
The Central Bank of Cyprus, the German CDU Party and many LinkedIn accounts – a particularly favourite target of hackers – some NATO websites and, in Italy, some business and financial consultancy companies were attacked in this way.
It is a completely new war logic, which must be analysed both at technical and operational levels and at theoretical and strategic levels.
The Failures of Russian Intelligence in the Ukraine War and the Perils of Confirmation Bias

The Russian invasion of Ukraine defied many expectations, not least the Kremlin’s. Prior to the ‘special military operation’ launched by President Vladimir Putin last February, the Russian government expected minimal organised military resistance from the Ukrainians. A quick victory was assured, much like the 2014 annexation of Crimea but on a grander scale, with the decapitation of the Ukrainian government as a likely result. Yet, more than one year later, Ukraine remains very much in the fight, in defiance of Russian expectations. Evidently, the Russian military and political elite launched the invasion based on flawed assumptions. The question now is what role Russia’s intelligence services played in forming these false assumptions, and why those assumptions went unchallenged.
Much of the blame may rest on Putin himself according to a paper published in The British Journal of Politics and International Relations in December last year. Before the invasion, it was widely assumed that the Russian President’s ability to use strategic intelligence was virtually unrivalled on the world stage. Unlike other world leaders, Putin possesses a professional background in intelligence, having been both an officer in the KGB and director of the Federal Security Service (FSB), between 1998 and 1999. Russia’s swift and surprising annexation of Crimea and ability to disrupt targets with hybrid warfare was further evidence of Putin’s strategic acumen. However, the events leading up to and during the war in Ukraine cast the Russian President in a different light, as a deeply flawed intelligence manager and consumer.
One issue highlighted by the paper’s authors is that intelligence agencies within authoritarian regimes are blindsided by ‘a frequent inability to accept dissenting judgements as being offered in good faith.’ This appears to have been true of the Russian intelligence agencies prior to the invasion of Ukraine. Instead of offering their primary intelligence customer an intellectually honest assessment of the situation in Ukraine, the intelligence services appear to have disseminated intelligence that merely confirmed his biases. As explained by a group of experts in May last year, ‘Putin believes Ukraine is or ought to be Russian and whatever passed for intelligence preparation for the invasion may have confirmed this in his mind… We can infer that Russian intelligence services supported Putin’s view of Ukraine as a state ready to be absorbed.’
Ultimately, the officers of Russia’s intelligence agencies, be it the FSB, Foreign Intelligence Service (SVR), or Main Intelligence Directorate (GU), are dependent on Putin for their advancement, prosperity, and survival. This encourages a culture whereby the intelligence services compete for his approval, which is far from useful in terms of generating dispassionate and unbiased intelligence products. Years before the invasion, in 2017, Professor Brian D. Taylor argued that independent thinkers had largely left the Russian intelligence services, the implication being that they were now staffed by individuals who were content to conform with the dominant viewpoint. This has led to the formation of an institutional culture compromised by groupthink.
A very public example of the Russian intelligence community’s hesitancy to speak truth to power came in February 2022, when Director of the SVR Sergey Naryshkin was humiliated by Putin during a televised meeting of the Security Council. When questioned whether Russia should recognise the two self-proclaimed republics of Luhansk and Donetsk, Naryshkin suggested giving the West one final chance to return to the Minsk agreements. This was evidently not what Putin wanted to hear and he pressed a now visibly nervous and stuttering Naryshkin until the latter agreed that it would be the right course of action for Russia to recognise the two breakaway republics. Of course, this was a clear example of political theatre, but it does not bode well that Putin was willing to publicly humiliate one of his intelligence chiefs. Whilst it is not known what goes on behind closed doors, there has been increasing scrutiny of Putin’s behaviour which suggests that the Russian leader has put an unhealthy amount of distance between himself and his top officials.
This is not to say that Putin micromanages the intelligence services or that he predetermines every decision without any recourse to their advice. Indeed, the intelligence services wield a tremendous amount of influence over high-level decision making. The problem is more so that the intelligence services are institutionally incentivised to say what they think Putin wants to hear. His views on Ukraine were well-publicised before the invasion, and no doubt senior intelligence officials would have been familiar with his frame of mind. His dismissal of there being a legitimate sense of Ukrainian nationalism and a belief that Ukrainians would be willing to join Russia and reject Western moral decadence and degradation were hardly secrets. For the intelligence services competing to win approval, there would have been few incentives to contradict this official narrative. Russian intelligence preparation for the invasion therefore likely served to confirm the Russian President’s biases.
There is some evidence to the contrary. According to US intelligence documents leaked in April, the FSB accused Russia’s Ministry of Defence of underreporting Russian casualties in Ukraine. Allegedly, the FSB was critical of the Ministry of Defence for failing to record the losses suffered by the Russian National Guard, the Wagner Group, or fighters under the command of Chechen leader Ramzan Kadyrov. The FSB’s casualty estimates were reportedly roughly double those given by Russian Defence Minister Sergei Shoigu in December. This does indicate a willingness to break bad news and contradict the official narrative. However, in this particular case, the FSB stands to enhance its own standing with Putin by undermining the Russian Ministry of Defence, thus fitting the broader pattern of institutional rivalry.
Naturally, much remains unknown about the activities and procedures of the Russian intelligence services prior to and after the invasion of Ukraine. What the available evidence does suggest, however, is that Russia’s intelligence services are burdened by political considerations and biases which interfere with their ability to plan, direct, collect, process, analyse, and disseminate valid and useful intelligence. The Russian President bears much of the blame for the creation of a professional culture which does not prioritise the truth as the highest good. Consequently, Russia initiated its invasion of Ukraine based on faulty assumptions and was unable to forecast the Ukrainian reaction with much accuracy.
Iran Threat to National Security 2023

The annual Threat Assessment of the U.S. Intelligence Community for 2023 identified Iran as the third greatest national security threat to the United States, after China and Russia. As those two countries have been covered in other reports, this paper will focus on the Iran threat, evaluating it within the framework of a PMESII analysis. PMESII is an acronym used in military and intelligence services which analyses threat countries across six dimensions: Political, Military, Economic, Social, Infrastructure, and Information.
1. Political: This dimension examines political systems, governance structures, institutions, and decision-making within a country, as well as the effectiveness of these systems and institutions. It also considers the stability or instability of the government.
The Islamic Republic of Iran (Jomhuri-ye Eslami-ye Iran), formerly known as Persia, has a population of around 88 million, and is located in Western Asia, bordering on Iraq, Turkey, Azerbaijan and Armenia, the Caspian Sea and Turkmenistan, Afghanistan, and Pakistan, and by the Gulf of Oman and the Persian Gulf. The country is a theocratic republic, with a Shia Islamic legal framework.
Iran regularly holds elections, but the quality of democracy is limited because of the influence of the Guardian Council, an unelected body with the power to disqualify candidates on religious grounds. Iran has a president who is elected by the people, but the president is only the head of government, not the head of state. As head of government, the president oversees the operations and implementation of government. True executive power rests in the head of state, the Supreme Leader, Ayatollah Ali Khamenei. The Supreme Leader controls numerous unelected institutions, including the security forces and the judiciary, which are used to suppress dissent and to restrict civil liberties.
Since the establishment of the Islamic Republic of Iran in 1979, the Supreme Leader has always been an Ayatollah. The founder of the Islamic Republic was Ayatollah Ruhollah Khomeini, who maintained the title of Supreme Leader until his death in 1989. He was succeeded by Ayatollah Ali Khamenei, the current Supreme Leader.
The Supreme Leader presides over the Guardian Council, which interprets legislation and elections to determine if they are consistent with the principles of Islam and the Iranian Constitution. The Guardian Council has twelve members, six of whom are appointed by the Supreme Leader. The remaining six are nominated by the Judiciary and approved by the Parliament (Majlis).
In terms of political rights, Freedom House assigns Iran a score of 4 out of 40 and civil liberties 10 out of 60. Citizens have the right to form political parties, but those parties must be loyal to the current government. Change is unlikely to come within the existing governmental framework because of the influence of the unelected bodies. In 2021, for example, the former vice president Jahangiri was disqualified from running for president because he was determined to be a reformist.
The government is largely dominated by men from the Shiite Muslim majority. Women hold some appointed positions, but generally not powerful ones. In the parliament, five seats are reserved for recognized non-Muslim minority groups: Jews, Armenian Christians, Assyrian and Chaldean Christians, and Zoroastrians. However, members of these groups would generally not be appointed to high-level government posts.
Corruption is rife in Iran. Transparency International assigns Iran a score of 25/100 for corruption, whereby a lower score denotes higher levels of corruption. Iran ranks 147th out of 180 nations. Much of this corruption is attributable to the Islamic Revolutionary Guard Corps (IRGC) which is above scrutiny in practice, and is protected from criticism by the media and civil society.
The Islamic Revolutionary Guard Corps (IRGC) is a military/paramilitary organization with vast political and economic power. The IRGC was formed immediately after the 1979 Iranian Revolution, tasked with safeguarding the principles of the Islamic Republic and protecting the country’s sovereignty. Under the direct control of the Supreme Leader, the IRGC controls large sectors of the economy helping fund Tehran’s activities. The IRGC also provides military assistance to entities beyond Iran’s borders, as it has done for various groups in Afghanistan, Iraq, Lebanon, Palestine, Syria, and Yemen.
The group’s mandate includes defending the nation against external threats and maintaining internal security. The IRGC is also assigned the duty of preserving the Islamic Republic’s revolutionary ideals and ensuring compliance with Islamic principles. Additionally, it has significant influence on Iran’s foreign policy, including supporting regional proxies and paramilitary groups, by providing training, weapons, and logistics. On the economic front, the IRGC is involved in a broad array of businesses, including construction, infrastructure development, energy, telecommunications, and others. It owns and operates numerous conglomerates and companies which augment the group’s financing and influence.
2. Military: The military dimension of PMESII assesses a country’s military strength. It is not comprehensive, however, as it mostly considers personnel and hardware. It does not consider alliances, overseas bases, or the quality of equipment or quality and experience of personnel. All of this will be covered in greater detail in a separate report.
The U.S. ranks first in global firepower. Iran ranks 17th. The U.S. population is 337 million, compared to Iran’s 88 million. The U.S. is the world’s number-two nuclear power. While it is widely suspected that Iran is working on a nuclear weapons program, to date, it seems they do not possess any nuclear weapons.
The number of active-duty troops is 1.39 million for the U.S. and 575,000 for Iran. Additionally, Iran has about 90,000 paramilitary personnel. Comparing the defense budgets, the U.S. spends $762 billion and Iran $25 billion.
Aircraft – US 13,300 to Iran’s 541
Fighter aircraft – 1,914 to 196
Transports – 962 to 86
Helicopters – 5,584 to 126
Attack helicopters – 983 to 12
Tanks – 5,500 to 4,071
Armored vehicles – 303,553 to 69,685
Self-propelled artillery – 1,000 to 580
Towed artillery – 1,339 to 2,050
Ships – 484 to Iran’s 101
Aircraft carriers – 11 to 0
Helicopter carriers – 9 to 0
Submarines – 68 to 19
Destroyers – 82 to 0
Frigates – 0 to 7
3. Economic: Wars are costly to wage. Existing assets have to be deployed, possibly overseas, which is expensive. Factories need to begin churning out exhaustible resources, such as ammunition and artillery shells, as well as replacement vehicles, planes and ships. Uniforms and weapons for new recruits must also be produced en masse. Wars are generally funded by debt, with governments issuing war bonds. The ability to sell those bonds and the interest rate the government has to pay is determined by the nation’s creditworthiness, its economic condition before the war, and whether or not the country is under sanctions. The Ukraine War has underscored the power of sanctions and their ability to prevent dollars from flowing into a country deemed the aggressor. Iran would be incapable of levying meaningful sanctions against the U.S. The U.S., by contrast would be able to bring sanctions against Iran. China would most likely help Iran bypass sanctions, but in the end, the U.S. would be able to reduce the amount of money flowing into Iran, while Iran would not be able to do the same to the U.S.
The size of the potential pool of soldiers is important, as is the number of workers available to produce war materials. The U.S. labor force consists of 163 million workers, while Iran’s comprises only 28 million.
Iran holds foreign currency reserves valued at $21.4 billion, while the U.S. holds about $37.5 billion. Roughly 60% of foreign currency reserves around the world are held in U.S. dollars. The U.S. does not hold as much foreign reserves as countries such as China and Japan, but this is because the U.S. government has access to more-or-less unlimited quantities of U.S. dollars.
Basic Indicators for Iran
GDP = $352.2
GDP Per capita = $5344.96
Inflation rate = 43.3%
Unemployment = 9.7%
Corruption and mismanagement, including price controls and subsidies, weigh heavily on Iran’s economy. The reliance on oil as well as government domination of numerous industrial sectors further inhibit Iran’s development. There is also a significant brain drain as many of the most qualified people flee the country, in search of a better life abroad.
The Heritage Foundation assigns Iran an overall economic freedom score of 42.2 out of 100, making it the 169th freest country in the world. For business freedom Iran scored 38.9 out of 100, labor freedom of 50.7, monetary freedom of 40.6 and financial freedom of 10.
Investment in new businesses, as well as economic development in general, are directly correlated with the protection of property rights and enforcement of contracts. For property rights, Iran scored 25/100, judicial effectiveness 26/100, and for government integrity 20/100.
4. Social: The social dimension looks at societal and demographic elements, including social unrest, ethnic or religious tensions, and social cohesion which might weaken a country’s ability to fight a war.
Ethnicities: Persians 61% of the population, Kurds (10%), Lurs (6%), and Balochs (2%), Azerbaijanis (16%), Arabs (2%), Turkmens and Turkic tribes (2%), followed by a small number each of Armenians, Assyrians, and Georgians.
Religion: Islam is the official religion, accounting for roughly 99.4% of the population. Shi’a Muslim (89%) and Sunni (10%). The remaining 1% is composed of Christian, Zoroastrian, Baha’i and Jewish. Christians are the largest minority religion with 250,000 to 370,000 followers, mostly of Armenian origin.
The government punishes Shi’a Muslims who they believe have failed to uphold Islamic values, while Sunnis, Christians, Jews, and other non-Muslims have all been victims of repression. Some religious minorities are effectively banned, such as Baha’i and unrecognized Christian groups. Baha’i members have been persecuted, jailed, and banned from attending university.
The Iranian constitution allows freedom of assembly, as long as gatherings are not “detrimental to the fundamental principles of Islam.” Given the state’s interpretation of detrimental, there is effectively no freedom of assembly in Iran. Protests and unauthorized gatherings are generally met with brutal force. In 2022, the government used lethal force to suppress protests against water shortages and poor living conditions in several provinces. Human rights leaders and labor rights advocates have been arrested or punished on an arbitrary basis. Activists can even be arrested without a warrant. The lawyers who defend them can also face jail time.
5. Infrastructure: An analysis of critical systems, such as transportation networks, energy systems, telecommunications, and industrial facilities can help to determine a country’s vulnerabilities, resilience, and potential risks.
The United States has 13,513 airports while Iran has 319. The U.S. has 35 ports, but Iran only 4. In oil production, the U.S. also leads with 18,000,000bbl, compared to Iran’s 3,450,000bbl.
Proven oil reserves – U.S. 50,000,000,000bbl, Iran 210,000,000,000bbl
Natural Gas Production – US 967,144,362,000bbl, Iran 237,561,415,000bbl
Coal Production – US 495,130,000bbl, Iran 2,783,000bbl
6. Information: The information dimension analyzes the flow of information, as well as the communication systems, and media within a country. This analysis helps to understand how public opinion is formed and how propaganda and disinformation are disseminated.
In Iran, there is little media freedom either on or off line. Newspapers and other media are heavily censored, and the government directs journalists as to which stories to cover and which to avoid. Critics and opponents of the government are never given a platform. Many foreign websites, including news sites and social media, are blocked. Satellite dishes are illegal, and the police have actually raided homes, confiscating dishes. Persian language journalists working abroad have had their families threatened if the state did not approve of their reporting.
Reporters Without Borders ranks Iran 177th out of 180 countries for press freedom. Television is controlled by the state, and Persian language TV broadcasts from outside of the country are jammed. State television often airs confessions extracted from political prisoners by way of torture. Over the past two years, there has been a particular crackdown on journalists with an increased number of arrests and imprisonments. In one case a journalist was sentenced to 90 lashes for allegedly making false news reports. The Islamic Republic has been known to target for kidnapping Iranian journalists operating abroad, as nearly happened to journalist Masih Alinejad in July 2021.
Academia is also not free and contains a great deal of indoctrination. The Supreme Leader, Ayatollah Khamenei warned that universities should not become centers for political activities. Students and professors have been jailed for speaking out against the regime or studying or teaching material which the state disapproved of.
Digital communication is monitored by state intelligence agencies. At the same time, the Iranian government utilizes online platforms and social media to disseminate propaganda and to influence the public. To this end, troll farms have been utilized, creating fake accounts and manipulating online discourse to support Tehran’s narratives. State-sponsored hacking is another way that Tehran controls the information space. And while the government has access to the most modern technology, the country suffers from a massive urban/rural divide, with much of the rural population unable to access the internet.
Online activism is illegal, and the government is looking for ways to make accessing forbidden content even more difficult. In July of last year, the parliament began considering criminalizing the use and distribution of virtual private networks (VPNs) and requiring internet users to verify their legal identities. In January 2023, it was announced that the unauthorized sale of VPNs would be banned.
International Information Security in US-Russian Bilateral Relations

There have been periods of convergence and cooldown in U.S.-Russian relations on issues pertaining to international information security (IIS), and today we are witnessing the latter.
Moscow remains open to dialogue, advocating the rules of responsible conduct for governments, with a view to boosting peaceful development of the ICT environment, both globally and bilaterally. However, Washington is betting on maintaining its leadership and deterring Russia in cyberspace, so reaching agreements in the near future seems rather unlikely.
Amid a complex geopolitical environment, communication between the two countries needs to be maintained for managing contradictions and reducing the risk of escalation in cyberspace. Today, bilateral interaction takes place on the platform of the UN Open-ended Working Group on the Safe Use of ICTs (OEWG), which was established at the initiative of Russia. Informal diplomacy of the expert community, business representatives and NGOs can play an important role in determining possible areas of cooperation between the two nations in the long term.
Cybersecurity as a foreign policy priority for Russia and the U.S.
In 1998, Russia turned to the United States with a proposal to sign a bilateral agreement focused on preventing the militarization of the information space. Washington did not endorse Moscow’s peacemaking initiative, willing to keep a free hand in the military use of ICT. In the same year, Russia proposed this issue to the UNGA, which became the starting point of the UN negotiation process on IIS. Since then, at the initiative of the Russian side, a resolution on “Developments in the Field of Information and Telecommunications in the Context of International Security” has been annually adopted at the UNGA. Six groups of government experts were convened to discuss this problem, and four of them managed to pass the final reports.
The most important result of Russia’s diplomatic efforts was the adoption of 13 rules of responsible behavior of states in the global ICT environment, which were outlined in the 2018 UNGA resolution. These include: non-use of force or threat of force in the ICT environment, respect for state sovereignty, peaceful resolution of disputes, inadmissibility of unproven accusations of cyberattacks, etc.
In the early 2000s, this topic, largely due to the efforts of Russian diplomats, entered the agenda of most global and regional forums, including the SCO, CSTO, BRICS and others. IIS is currently one of the key topics.
According to complex expert ratings, Russia and the U.S. (along with China) are the leading cyber powers as of today. Therefore, their relations in the field of cyber security bear critical importance for the whole international community. Russia supports digital multipolarity and peaceful development of the ICT environment, while the United States seeks to preserve its leadership and sees Russia and China among its main strategic rivals in information and real geopolitics. The U.S. National Security Strategy of October 2022 considers deterring Russia and China, including in cyberspace, as one of the national security priorities.
The priority nature of international information security for Russia is enshrined in a number of strategic planning documents, such as the Fundamentals of Russia’s National Policy in International Information Security 2021, National Security Strategy 2021, and others. According to these documents, Russia pursues a policy towards shaping a peaceful and stable ICT environment and an inauguration of the IIS regime.
The U.S. has long been wary of Russia’s proposals, seeing them as an attempt to limit the development of ICT and challenge American leadership. In April 2022, the United States issued a Declaration for the Future of the Internet, proposing to fight for freedom of information transfer, and naming authoritarian states Russia and China as antagonists of the free Internet.
However, vulnerability to cyber threats has repeatedly prompted the U.S. to seek bilateral agreements with Russia.
In 2013, on the sidelines of the G8 Summit in Lough Erne, a Joint Statement of the Presidents of the Russian Federation and the United States of America on a New Field of Cooperation in Confidence Building was adopted. It included three documents stipulating the establishment of direct lines of communication between Moscow and Washington to prevent any escalation of cyber incidents, to promote the exchange of information between national security supervisors, as well as to establish incident and emergency response teams. A special working group was supposed to foster such cooperation. However, as a result of the general chill in the relations between Russia and the Collective West after Russia’s reunification with Crimea in 2014, Washington suspended its participation. A direct line of communication was used in October 2016, when President Obama contacted Moscow in view of hacking attacks on U.S. political institutions on the eve of the U.S. presidential election. The conflict was frozen, but it was an important precedent that attested to the importance of responding to various incidents or emergencies and the importance of communication channels between the two countries.
It was much more difficult for Donald Trump to collaborate in this area due to allegations of his ties to “Russian hackers,” which is why discussions on this issue did not result in practical agreements. In July 2017, during a meeting with Trump in Hamburg, Russian President Vladimir Putin proposed to step up engagement in cyberspace. Initially, the head of the White House publicly expressed support for the initiative, backtracking later due to the pressure from the U.S. Congress. During the 2018 meeting between the two leaders in Helsinki, Russia offered cooperation in preventing cyberattacks on critical infrastructure, but Washington rejected that initiative as well.
Collaboration between Russia and the United States to promote information security in historical perspective
The dynamics of negotiations changed under Joe Biden. On September 25, 2020, President Vladimir Putin proposed a project intended to normalize U.S.-Russian relations in cyberspace, which included an exchange of “guarantees of non-interference in domestic affairs, such as election campaigns, using the ICT leverage.” The initiative followed a growing number of accusations by various U.S. political forces that Russia had deliberately interfered in the U.S. elections. Moscow has always denied and still denies the very possibility of such interference. The U.S. did not support the proposal, but Russia’s efforts bore fruit later. During the meeting of Putin and Biden on June 16, 2021, the two leaders reached an agreement on cooperation in fighting cybercrime. In addition, a joint U.S.-Russian resolution on international information security was proposed and subsequently adopted as a follow-up to the agreements at the UNGA level.
In 2022, the U.S. unilaterally withdrew from cyber agreements reached in 2021 under the pretext of Russia’s special military operation (SSO) in Ukraine, embarking upon the path of aggressive unilateral action. As Oleg Syromolotov, Russian Deputy Foreign Minister, points out, Washington is supporting Ukraine’s IT army, including for attacks on critical information infrastructure. At present, the largest number of cyberattacks on Russian territory comes from the United States, NATO member states and Ukraine.
Thus, in the short term, the U.S. is not willing to engage in dialogue with Russia as an equal partner, while Moscow will not accept any interactions imposed on it from a position of power. Moreover, as was noted by Andrey Krutskikh, Special Representative of the President of the Russian Federation for International Cooperation in the Field of Information Security, “statements about the need to inflict a strategic defeat on Russia sidetrack any opportunity for dialogue.”
Problems of reconciling the approaches of the two nations to IIS
This situation in bilateral relations is far from new. We can draw parallels with the crises of the Cold War, when the parties saw the need for dialogue in the face of acute mutual contradictions. Today, interaction on cyber issues is carried out on the OEWG platform. During the Cold War, the UN performed the same functions in the area of strategic stability as the OEWG does today in cyber policy and IIS.
In addition to the OEWG, the UN Special Committee on Combating the Criminal Use of ICTs, also established at Russia’s initiative, successfully follows through with its effort.
Despite the fact that Western states have repeatedly tried to divert the OEWG’s discussions—away from the mandated issues of designing rules of responsible conduct for state actors in the ICT environment to the discussion of Russia’s special military operation in Ukraine—the platform has maintained its importance, with Western nations, along with Russia and its partners, actively participating in the proceedings of the platform.
Moreover, there has been a shift in the U.S. position on the regulation of the global ICT environment. The U.S. officially declares the need to develop rules for the behavior of state actors in the information space. Thus, the State Department’s Bureau of Cyberspace and Digital Policy defined the development of rules of responsible conduct for states in cyberspace as one of its goals in 2022. U.S. support for the UN dialogue is related to the fact that the U.S. is becoming more vulnerable amid a multipolar digital world order.
Thus, Moscow’s and Washington’s approaches to a potential cybersecurity dialogue at the UN level may seem to be complementary on many issues. No reconciling is to be expected, however. The U.S. and its allies seek to “hijack the agenda” in global forums, orienting the global community towards their own initiatives. As for the rules of responsible conduct for state actors—the area of cooperation traditionally supported by Russia—the U.S. took a stand in favor of the French draft resolution of the UNGA “Program of action to advance responsible State behavior in the use of information and communications technologies in the context of international security” in 2022. This program, as conceived by its authors, should become a permanent UN institutional mechanism for discussing issues related to countering global threats in the field of ICT. It is suggested that the French project should be launched once the OEWG mandate expires in 2025.
The document presents a number of propositions that coincide with Russia’s stance on IIS and that our country has been proactively promoting over the past 20 years. In particular, there is an emphasis on the priority role of the UN in the process of negotiations on those issues. It is also recognized that, taking the specifics of ICT into account, new binding norms might be adopted in the future, and the significance of the results already achieved within the framework of the UN GGE on IIS is also pointed out. The discrepancy has to do with the longer-term prospects of cooperation. In the long run, Russia advocates for an international convention on IIS under the auspices of the UN, while the West insists on non-binding voluntary norms, conditioning the rapid obsolescence of any document on the speed of technological advancement. Non-binding norms are insufficient to deal with the increasing intensity and danger of threats to IIS, and this explains why the Russian vision is backed by many states. In 2023, Russia submitted its draft resolution “Developments in the Field of Information and Telecommunications in the Context of International Security” to the UNGA, which was backed at the General Assembly.
Besides, there are contradictions in the area of combating the criminal use of ICTs. The United States supports the 2001 Budapest Convention, which makes it possible to combat cybercrime without regard for state sovereignty and, in fact, assumes extraterritorial extension of the right of the strongest in this area. Russia, for its part, supports the adoption of a UN Convention, stemming from the principle of inviolability of state sovereignty in combating the criminal use of ICT. At the same time, successful discussions on the draft convention proposed by Russia show support for the Russian vision of IIS, focused on the respect for state sovereignty, equal partnership and formation of international regimes on the basis of legally-binding agreements.
Meanwhile, U.S. initiatives have, for the most part, a limited number of supporters. For example, about 60 states have joined the Declaration for the Future of the Internet. As was noted in the report Confronting Reality in Cyberspace: Foreign Policy for a Fragmented Internet, co-authored by Nathaniel Fick, Head of the State Department’s Bureau of Cyberspace and Digital Policy, norms are better used for rallying allies than for managing the behavior of competitors. Washington’s approach is not widely supported around the world, and only its closest allies are willing to sign on to it. Many nations support Russian initiatives, or back both Russian and Western approaches, as they try to avoid politicization in this area.
At the same time, the U.S. expert community, which traditionally has a serious influence on foreign policy, is getting tired of anti-Russian rhetoric. In particular, the authoritative political scientist John Mearsheimer argues in his article published by Foreign Affairs in 2022 in favor of dialogue between Washington and Moscow, as it could prevent further escalation between the nuclear superpowers. Another prominent realist, Stephen Walt, published an article following a similar logic. Cyberspace experts pay more attention to the need for dialogue and parity with China than with Russia, although some publications are devoted to the necessity of dialogue between superpowers in order to prevent global “cyber disorder.” Similar ideas are expressed in the European expert community, including among SIPRI experts. Russian experts and politicians have repeatedly stated that Russia is ready to cooperate on the condition of equal partnership.
Yet, given the modern-day circumstances, no political force in Washington can support cyber negotiations with Russia, as anti-Russian sentiments are very strong in American society. Be that as it may, from a practical perspective, the U.S. is still interested in cooperation to de-escalate incidents and combat cybercrime, as Biden’s representatives have repeatedly stated before. Thus, one should not expect deeper cooperation or the adoption of new documents, but the U.S. will probably seek to preserve the existing channels of communication instead of severing relations completely. Drawing an analogy with the Cold War, one can argue that cybersecurity is becoming part of a new strategic stability equation in bilateral relations, despite Washington’s unwillingness to openly admit it, as it insists on maintaining its leadership in this area.
Conclusion
With bilateral ties severed through Washington’s fault, the UN’s OEWG still serves as a channel of communication, which is especially important in promoting information security, where misattribution of a cyber incident can lead to escalation. The signing of new bilateral agreements on information security looks rather unlikely in the foreseeable future, and the most important task is to maintain the level of ties and relations that have been achieved so far.
Despite growing tensions in the international arena, there have been no major cyber clashes between cyber powers. This suggests that states view the use of cyber weapons as one of the “red lines”, being well aware that crossing them could lead to an unwanted escalation. Thus, IIS in bilateral relations is the best evidence that it belongs to a larger network of strategic stability relationships.
Even the crisis in U.S.-Russian relations, following the launch of Russia’s operation in Ukraine, did not see any changes in the activities of the UN platforms—the dialogue remained intact. The OEWG, as a negotiating platform on international information security, has passed the test in a rough environment, having proven the relevance of such platforms as well as Russia’s global initiatives. In the long run, informal channels of communication will be important, including expert, academic and business meetings, where the search for ways to develop bilateral relations in the cyber space will be possible.
From our partner RIAC