Bad Policy Begets Insecurity

The New York Times is reporting a major spike in aggressive cyber attacks by Iran and China against businesses and government agencies in the United States. “[S]ecurity experts believe,” the Times reports, that the renewed cyber attacks “have been energized by President Trump’s withdrawal from the Iran nuclear deal last year and his trade conflicts with China.”

Chinese cyberespionage cooled four years ago after President Barack Obama and President Xi Jinping of China reached a landmark deal to stop hacks meant to steal trade secrets.

But the 2015 agreement appears to have been unofficially canceled amid the continuing trade tension between the United States and China, the intelligence officials and private security researchers said. Chinese hacks have returned to earlier levels, although they are now stealthier and more sophisticated.

…Threats from China and Iran never stopped entirely, but Iranian hackers became much less active after the nuclear deal was signed in 2015. And for about 18 months, intelligence officials concluded, Beijing backed off its 10-year online effort to steal trade secrets.

But Chinese hackers have resumed carrying out commercially motivated attacks…

In other words, the United States has been the target of major cyber attacks from both Iran and China as a direct consequence of two Trump administration policies, neither of which was justified.

Last year, against the advice of his own top national security officials and the US intelligence community, as well as US allies, President Trump withdrew from the 2015 Iran nuclear deal (JCPOA). That deal rolled back Iran’s nuclear program and imposed strict limits on it for the foreseeable future. To this day, it remains one of the most robust non-proliferation agreements ever negotiated and Iran continues to comply with its stringent controls and invasive inspections regime. Trump’s withdrawal, which lacked a national security rationale (at least one that had any relation to reality), resulted in the automatic re-imposition of harsh economic sanctions against Iran. Although the sanctions have hurt the Iranian economy, the regime in Tehran has kept to its obligations anyway, even amid threatening and overtly hostile rhetoric from the Trump administration that strongly suggests it is seeking regime change.

Many predicted withdrawal from the JCPOA would pressure Iran to unburden itself from the deal’s restrictions and restart its nuclear enrichment program in earnest, the exact opposite of the White House’s stated aim. Thankfully, this has not happened (yet). But what has happened is that Iran has ramped up aggressive cyber attacks against us.

Likewise, Trump’s determination to initiate a trade war with China, arguably America’s most important trade partner, cannot be justified on either economic or national security grounds. China’s immediate response was to retaliate with its own tariffs against US imports. Both the US and Chinese economies have consequently suffered an economic hit worth billions of dollars. We can add to these costs the apparent revocation of the arrangement Obama and Xi secured in 2015 not to engage in commercial cyber espionage. 

As I see it, we can draw two lessons from this. First, countries are likely to retaliate if we punish them for engaging in cooperative diplomacy with us. Second, Trump’s policies have made America less safe.

For those who think the proper response to intensified Iranian and Chinese cyber attacks is to adopt a more aggressive, offensive cyber posture (in retaliation for the retaliation), I recommend reading this Cato Policy Analysis we published last month, which demonstrates the dangers, and low utility, of such a path.