Cybersecurity has remained one of the main challenges for countries in the Arab region, despite the interest of these countries in developing a digital infrastructure and relevant cyber strategies and policies. Perhaps the most important challenge in this respect is that most of these countries do not have advanced organizational structures to combat cyber threats, while the cyber world has increasingly become an arena in which regional conflicts are carried out, and where various non-state actors actively propagate their ideologies and recruit followers.
In this context, regional countries have turned their attention to developing legislative and institutional structures to deal with these issues. On November 3rd, the Arab Parliament approved the first guiding law for the protection and enhancement of cybersecurity in Arab countries, in an effort to enhance the ability of Arab countries to develop a comprehensive legal framework to confront cybercrimes, protect technical systems and their components, and secure services and data from illegal activities.
Some Arab countries have in fact started to take steps towards these goals. For example, in February of 2004, Tunisia passed a law regulating information safety. Saudi Arabia also passed a cybercrime law issued by royal decree on March 27th, 2007, which aims to combat cybercrime by defining crimes and specifying penalties to protect “information security, rights related to the legitimate use of computers and information networks, and public interest.” On July 30th, 2019, Jordan also passed a cybersecurity law.
Moreover, countries in the region have worked to develop and create official entities and structures to confront cyber threats. On June 24th, 2019, the Telecommunications Regulatory Authority in the UAE launched the “National Cyber Security Strategy”, which aims to create a safe and flexible cyber environment that helps enable citizens to achieve their ambitions and companies to develop and grow. It includes the implementation of 60 initiatives within 5 axes over a period of 3-5 years. The UAE ranked fifth globally in the Cybersecurity Index 2021, which was issued by the International Telecommunication Union of the United Nations on June 29th. The country’s total score on the general index reached 98.06 out of 100, tied with Russia and Malaysia. The UAE outperformed countries such as Japan, France, Germany, Canada, and India.
Egypt established, in December of 2014, the Supreme Council for Cybersecurity to protect data. It includes representatives from various ministries, in addition to the General Intelligence Service and Central Bank. Saudi Arabia also announced the establishment of the National Cybersecurity Authority on November 1st, 2017. Iran on its part has viewed cyber capabilities as a tool to serve its interests in the region, creating cyber entities such as the Supreme Council for Cyberspace, chaired by the Supreme Leader of the Republic.
Regional cyber-dynamics
This growing interest in enhancing cyber security has been driven by the growing use of cyberspace to advance the agendas of various regional actors in the context of the increasingly adversarial nature of regional dynamics. These dynamics have been reflected in the cyber sphere in a number of ways, including:
Hostile discourse: The realm of cybersecurity has been utilized in some instances to confront what some states consider as hostile discourse, and to establish control domestically. Iran is an example in this respect, as it has developed cyber tools to confront anti-regime activities and exert regime control over the cyberspace. Among these tools is what is known as the “Iranian cyber army”, a group of hackers loyal to the regime. They are controlled by the Revolutionary Guard and pledge allegiance to the Supreme Leader of the Republic, pledging to confront the forces opposing the regime. The Iranian regime has also strengthened its cyber capabilities by creating entities and structures associated with the military and security establishment, such as the Iranian Army’s Cyber Defense Command, as well as the Electronic Police Force, which was formed on January 15th, 2011, with the aim of protecting national and religious identity, community values, legal freedom, and vital infrastructure from cyberattacks.
Growing protests against the Iranian regime in recent years prompted it to announce its intension to create a “national Internet”, a sphere separate from the world wide web, thus giving the state more control over content on the Internet. Despite steps taken by Tehran to implement this project, many obstacles remain, primarily financing. Hossein Eslami, head of the Iranian Computer Syndicate’s administrative body, declared on November 6th that the completion of the national Internet in Iran requires an investment of 200 thousand billion tomans. He added that in the best-case scenario, the government can invest only 50 thousand billion tomans over the next four years.
International competition for influence: In the past few years, cyberspace has become an arena for international competition for influence in the Middle East. The United States has strengthened its cyber cooperation with a number of countries in the region, especially Israel. On the other hand, Russia’s intervention in the Syrian conflict has brought into play a wide range of cyber capabilities, including intelligence gathering, counterespionage, disinformation campaigns and cyber wars, destruction of communications and navigation support systems, psychological warfare, propaganda and damage to information systems. On October 19th, numerous reports indicated that Moscow, or groups affiliated with it, launched attacks against organizations opposed to the Syrian regime, such as the Syrian Network for Human Rights.
On another level, growing cooperation between Russia and Iran has been reflected in cyber coordination. The two countries signed an agreement for cooperation in cybersecurity and information on January 26th, which cooperation on enhancing information security, combating crimes using information and communications technology, investigating and prosecuting perpetrators, addressing computer accidents, as well as technical assistance. China has also been an important supporter of the development of Iranian cyber capabilities, in view of growing trade relations between the two countries, as evidenced by the 25-year strategic cooperation agreement that the two countries reached on March 27th.
Obstructing Iran’s nuclear program: The Iranian nuclear program has been one of the main targets of cyber-attacks in the region over the past years. Perhaps the most prominent example of this was the attack in 2010 using the Stuxnet virus against nuclear facilities, which led to a series of malfunctions in centrifuges for enriching uranium. During the subsequent years, the Iranian nuclear program was subjected to a number of attacks, the last of which was on April 12th, when an official Iranian statement indicated that the uranium enrichment plant in Natanz was subjected to a terrorist act, after announcing a power outage at the nuclear facility. The attack came one day after Iran announced the inauguration of advanced centrifuges that enrich uranium more rapidly called “IR9”.
A tool in regional conflict: Cyberspace provides an arena for countries to settle their scores without engaging in a more costly direct war, or as the Russian military leader Pavel Antonovich described it “The demarcation of the lines between war and peace can easily be eroded In cyberspace. Damage, of whatever nature, can be inflicted on the adversary without formally crossing the line between war and peace.” This theory appears useful in describing developments in the Middle East. An example of such types of interaction was the cyber-attack on the website of the European Court of Human Rights in December 2020, following a ruling which criticized Turkey. In a statement, the court linked the attack to its ruling that ordered the release of Selahattin Demirtas, the former co-chair of the pro-Kurdish opposition Peoples’ Democratic Party.
Iran and Israel also used Cyber tools in their ongoing, indirect confrontation. The two countries have exchanged accusations of carrying out cyber-attacks several times over the past years. For example, some Israeli reports accused Iran of causing the cyber-attack that targeted the Israeli telecommunications company “Voyage Center” on September 23rd. Iran also accused the United States and Israel of launching a cyberattack targeting Iranian gas stations on October 26th, paralyzing them, causing long lines to obtain gasoline for a whole day. A day later, Israeli reports indicated that Israel was subjected to a cyber-attack by a group calling itself the “Moses Stick”, which included publishing information on Defense Minister Benny Gantz, and personal details of hundreds of soldiers in an IDF brigade.
Rising cyber capabilities of non-state actors: The growing role of non-state actors in the region has complicated the issue of cyber threats. On one hand, proxy relations between state and non-state actors in the region, such as between Iran and Hezbollah, has allowed non state actors growing cyber capabilities. For example, it was reported, on January 28th, that a group calling itself “Lebanese Cedars” and backed by Hezbollah, carried out a global hacking campaign, targeting telecommunication networks in several countries. It managed to penetrate more than 250 servers in the United States, Britain, Jordan, Lebanon, Israel, and the West Bank. On March 5th, reports indicated that the Quds Force of the Iranian Revolutionary Guard established a new cybersecurity unit in the Lebanese Hezbollah’s counterintelligence unit.
On the other hand, non-state actors such as terrorist networks have become increasingly dependent on cyber tools to achieve their goals. The operational arena has become the most important arena for the activities of terrorist organizations in cyberspace. These organizations use the Internet to propagate their ideas and communicate with their members, conduct psychological warfare, recruit, and train members, as well as gathering information and contributing to the financing of the organization, thereby giving it a distinct identity.
In conclusion, cybersecurity will remain a main issue on the agenda of Middle East countries in the coming years, as regional conflicts have spilled over into the cyber sphere. Cyber tools have become a means of applying pressure to adversaries and bleed them economically, while avoiding high-cost direct military confrontations. Moreover, the opaque and chaotic nature of cyberspace allows the perpetrators of these cyber-attacks to disclaim responsibility and evade punishment. The ability to determine the real identity of those who carry out cyber-attacks is further complicated by the existence of “cyber proxies”, on whom states depend to achieve their objectives.