The Iranian government is increasing its cyberattack capabilities and wants to target government rivals, according to security company Mandiant. The country still doesn't have modernized cyber weapons at the moment, but is willing to invest time and energy into expanding its digital weapons.
Iran was reportedly behind malware attacks that infected Saudi Aramco and RasGas, in retaliation following the suspected infection of an Iranian nuclear facility by the United States and Israel.
"Although Iran has long been considered a second-tier actor behind China and Russia, recent speculation has focused on Iran's interest in perpetrating offensive network attacks against critical infrastructure targets," the Mandiant report says.
However, Iran is willing to recruit highly-trained hackers outside of the country, and reportedly has discussed cybercrime ability with North Korean sources, US security advisers say.