Deterring Iran's Use of Offensive Cyber: A Case Study

: Since 2011, Iran and the United States have been engaged in a low-level cyber conflict. Iranian cyber forces and cyber proxies have launched distributed denial of service (DDoS), web defacement, spear phishing, and data manipulation attacks against U.S. and allied banks, media outlets, government offices, social networking sites, and military communications networks. These attacks pose critical questions for U.S. entities with cyber roles and missions. Can Iran be deterred from engaging in offensive cyber? If so, how? What would a deterrence strategy that targets Iran s use of offensive cyber look like? This paper explores how the concept of tailored deterrence could be applied to Iran in the cyber sphere. Utilizing a case-studies approach, it analyzes some of the unique features associated with the regime s political and military decision making processes, how its cyber programs and entities are structured and affiliated with the regime, the TTP that these entities employ, their relative capabilities, and how these factors could play in a cyber-deterrence scenario.