On Feb. 13, US Director of National Intelligence (DNI) Daniel Coats presented the 2018 “Worldwide Threat Assessment,” an annual compendium of challenges to American security. These unclassified statements function as an analytical least common denominator, offering a window into the intelligence community’s thinking. How that community conceptualizes threats in their written product will inevitably impact their main consumer: American policymakers, and ultimately, the president.
On select measures of the Iran threat, the 2018 document is remarkably consistent with themes from the 2017, 2016, and 2015 assessments. This is most evident when it comes to Tehran’s support for terrorism as well as the country’s growing ballistic missile capability (which is restated in a pithier fashion, particularly when compared to older assessments of the missile program, such as from 2010). Moreover, similar points from past assessments were made about the overall utility of the Joint Comprehensive Plan of Action (JCPOA) nuclear accord for Tehran. Yet, in this latest assessment, additional attention is paid to Iran’s evolving cyber aptitudes and to its turbulent domestic politics, particularly given the protests in 2017/2018.
On cyber, the assessment listed Iran as among four cyber powers hostile to the US, along with Russia, China, and North Korea. It also implicitly frames Iran’s activities in the cyber domain as two-pronged: the desire to do damage to regional adversaries, and the desire to engage in espionage and prepare “for potential future cyber attacks” against the West.
While the 2018 assessment highlights a “recent restraint from conducting cyber attacks on the United States or Western allies,” the 2017 document reported two cases (in 2013 and 2014) of Iranian cyber-enabled hacking against the US. There is evidence to suggest, according media reporting from 2017, that an Iranian cyber firm attempted to target “a US organization in the aerospace sector” up until “early 2017.”
Unfortunately, the 2018 document provided no rationale for the alleged restraint by Iran against the West in cyberspace. Has Iran perceived a change in US cyber strategy? Is tougher rhetoric stemming Tehran’s desire to test Washington? Does Iran lack the capability to mount challenges in cyberspace that can sufficiently mask its hand? Or is Iran just opportunistically lying low? The answers to these questions are what policymakers will need to make sense of Iran’s long-term cyber intentions as well as to beef-up critical infrastructure at home.
With respect to the JCPOA, the 2018 assessment once again framed the accord as being transactional – and not transformational – for the Islamic Republic. Put more plainly, it is a “means” to a sanctions-free end. This description should be read and re-read by JCPOA advocates in Washington who have tried to present the deal as a measure of Iranian “moderation” or as proof that the Islamic Republic is not an international pariah.
Previous post-deal assessments by the DNI similarly discuss Tehran’s acceptance of the JCPOA while noting Iran’s desire to retain “some nuclear capacity.” Naturally flowing but missing is the rationale for such capacity. Could it indicate a hedging strategy, a source of leverage against the West, or merely a domestic face-saving measure? More than two years into the accord, it also fails to answer if there has been a political decision to permanently forswear a weapons route. And while the 2018 assessment touts enhanced verification granted to the International Atomic Energy Agency (IAEA), open-source Iran Watchers have consistently cited less robust IAEA reporting on Iran’s nuclear program since the accord came into effect.
Lastly, on the domestic front, ample ink was devoted to explaining the impact of factionalism on the regime’s domestic make-up and international orientation. While the document did not deploy the misnomer “moderate” and refrains from calling Iranian President Hassan Rouhani as such, it did entertain somewhat optimistic narratives less than conducive to understanding the Iran threat.
In no small part, this appears driven by the document’s overemphasis of an Iranian domestic contest between alleged “centrist and hardline politicians.” While there are a multitude of political factions in Iran, their overall loyalty – if they are to remain relevant – is to the revolution and it’s Supreme Leader. This effectively makes the debate between Iranian factions one over tactics and not strategies.
The document’s reference to this squabble as “a key driver in determining whether Iran changes its behavior in ways favorable to US interests” misread the conditions under which Iran has previously altered its threatening behavior. It also misread the current state of Iran’s reform movement. Irrespective of the political faction at the helm, the preponderant cause for a change in Iranian security policy, no matter how short lived, has usually been external pressure. That is not to say that politics and factions don’t exist in Iran or that they have no impact. But rather, the document could have benefited from a rank ordering of the drivers of Iranian security policy, as assessed by the intelligence community.
Lastly, implicit in the importance the document ascribed to Iranian factional infighting is the character of Iran’s current president. President Rouhani was described as the head of a centrist camp calling for “greater social progress, privatization, and more global integration.” But Rouhani’s nearly four-decade career in the Islamic Republic’s security bureaucracy attests to his interest in the art of political survival rather than the arduous process of reform.
Put differently, Rouhani is proof of stasis, and not genuine change. That point is one which should have been borne out in the most recent Worldwide Threat Assessment.
Behnam Ben Taleblu is a Senior Iran Analyst at the Foundation for Defense of Democracies