We must constrain Iran's access to weapons — especially as it steps up cyberattacks

We must constrain Iran's access to weapons — especially as it steps up cyberattacks

Iran is now an aggressive threat to global health. Whether you agree with President TrumpDonald TrumpNorth Carolina Senate passes trio of election measures 14 Republicans vote against making Juneteenth a federal holiday Border state governors rebel against Biden's immigration chaos MORE’s Iran policy of maximum pressure in general, or the State Department’s argument that the United Nations arms embargo against Iran should not be allowed to expire in October, the administration’s treatment of Iran as a dangerous and irresponsible international player just gained a strong, new argument. 

In October, United Nations Security Council members will decide whether to allow the ongoing arms embargo to expire, which would allow Iran to purchase conventional weapons, presumably from Russia and China, and to modernize its forces with more advanced weapons systems. Both Russia and China likely will veto an extension. The votes of other council members are less clear, and presumably the State Department is working to secure all the votes it can. In the meantime, many, including our European allies, argue that the U.S., having departed the Iran nuclear accord known as the Joint Comprehensive Plan of Action (JCPOA), has forfeited its right to “snap back” all U.N sanctions if members do not renew.  

With no unanimity for embargo renewal, and no return to the U.N. sanctions limiting Iran’s ability to buy weapons, only secondary U.S. sanctions and the existing European Union (EU) arms embargo against those who sell arms to Iran would restrain Iran from re-arming itself.  Those restrictions simply are not enough.  


While critics of the U.S. argument that it can insist on a return to full sanctions may have something to quibble about, now is not the time to stand on legal arguments. Nor is it time to suggest that by allowing the arms embargo to expire and avoiding sanctions “snapback,” the JCPOA can be kept alive as a basis for future discussions with Tehran. Under any circumstance,  arguments that allowing Iran to re-arm is a fair exchange for preserving the basis of future negotiations is a dangerous suggestion. But with Iran targeting the health of our citizens, it is nothing short of irresponsible.    

Iran has taken advantage of a world distracted by the coronavirus. At least since April, it has engaged in aggressive, widespread cyberattacks against the international community’s efforts to mitigate the impact of the pandemic that have been especially nefarious. In the latest of a series of escalated attacks, cyber criminals and state-sponsored hackers in Iran have directly targeted government and civilian instruments of public health and well-being. Those recently targeted by Iran include private organizations involved in COVID-19 responses, the World Health Organization (WHO), private medical research and health care bodies, pharmaceutical companies, academic and scientific facilities attempting to find a virus cure, and local governments struggling to care for the stricken as well as develop policies to protect communities.  

According to a former hacker for the National Security Agency (NSA), such targets are normally reserved for war or near-war situations. 

Iran’s activities are more than just disruptive. They are seeking to obtain sensitive data on virus-related research, as well as targeting health care organizations and their workers who are dedicated to finding virus relief. In fact, Iran could pose a threat to the delivery of secure and effective treatment options. Among those reportedly targeted by Iran is Gilead Sciences, Inc., which the Food and Drug Administration (FDA) publicly announced as the originator of an antiviral drug recently approved for emergency use as a potential COVID-19 treatment. Iran also attacked the personal accounts of WHO employees. In another instance, Iran’s vehicle for aggression was disguised as a coronavirus newsletter from the U.K’s British Broadcasting Corporation (BBC).

Although underreported in the media, both the United States National Counterintelligence and Security Center and the United Kingdom issued warnings of the threat to all medical research organizations. In addition, as recently as last week, officials from the FBI and the Department of Homeland Security’s Cyber and Infrastructure Security Agency charged that Iran and China are waging war against those working to find a vaccine against coronavirus, and that such attacks may have hindered vaccine research.   


At least since January, Iran has substantially increased its use of cyberattacks against an array of its perceived adversaries — and the institutions of the West are not alone. Iranian hackers have focused on stealing data and disrupting key industries worldwide. In recent weeks, intelligence-gathering programs identified with Iran have targeted critical telecommunications and air travel infrastructure in Saudi Arabia and Kuwait. Only weeks before, Iran spied on Pakistan’s phone companies and managed service providers, the networking vendors that have come to play an even more important role as virus countermeasures force businesses and private citizens to rely on remote means for their daily communications.   

In Israel, the media reported thousands of recent distributed denial-of-services (DDOS) and defacement attacks from Iran, including those that show Israel in flames or post threatening messages. Last week, Israel reported that research institutes working on producing a coronavirus vaccine were targeted by hackers, at least some of whom appeared to be Iranian. More disturbing, Iran initiated a cyber feud with Israel by attacking Israel’s water installations. Although the attack was largely unsuccessful, Iran’s tactical shift to industrial sabotage against critical civilian services such as water has raised international alarm.  

Instead of slowing down Iran’s cyber aggression, the ongoing conflict with Israel has shown that Iran will continue to conduct damaging cyber espionage against those who threaten its national ambitions or offer it a means to steal or sabotage important medical and other scientific advances. Such behavior cannot be rewarded.

The global community should not be distracted by legal arguments that the U.S. has foregone its ability to constrain Iran’s access to nuclear weapons, or that the U.S. is not entitled to the “snapback” of economic sanctions. Nor can it afford to allow restrictions on Iran’s access to weaponry to expire while we wring our hands at the limitations of U.N. processes. These are Western, bureaucratic considerations that, although important, miss the point. Iran is looking for any win. Meanwhile, it has embarked on a new, global threat against the health and well-being of civilians not only by attacking critical assets such as community water supplies, but by systematically waging war against health and other infrastructure engaged in fighting the worst pandemic in modern history. To facilitate Tehran’s ability to further arm itself in any manner would be a travesty.

Mary Beth Long is former assistant secretary for international security affairs at the U.S. Department of Defense and chair of NATO’s High Level Group, as well as a former CIA case officer. She is co-founder of Global Alliance Advisors LLC. Follow her on Twitter @LongDefense.