Navigating the Digital Frontier:

Cybersecurity has become increasingly important in the Middle East’s security in recent years, with digital warfare significantly reshaping regional power dynamics. Attacks on critical infrastructure, especially in the energy and financial sectors, have exposed vulnerabilities, threatening essential services, while surveillance and disinformation campaigns define the region’s evolving cyber landscape. Israel’s pager attacks on Hezbollah operatives in 2024 demonstrated the hybrid nature of modern threats. As countries like Israel, Saudi Arabia, and the UAE strengthen their cybersecurity defenses and form new alliances, the emphasis on digital sovereignty and control over critical digital infrastructure will intensify. Meanwhile, both state and non-state actors will seek to enhance their digital capacities and resources to advance their respective strategic objectives.  

In response to these evolving challenges, the Middle East Council on Global Affairs organized a webinar featuring a panel of experts to explore the intersection of cybersecurity and geopolitics in the region. Key questions included: How do cyber operations impact regional stability? What strategies can strengthen digital resilience against growing threats? What role do public-private partnerships play in addressing cybersecurity challenges? What’s the critical role of digital sovereignty in national security strategies? How do disparities in cyber capabilities shape geopolitical power?  And what are the broader implications of these trends for regional and international security?   

Moderator: Marc Owen Jones, Nonresident Senior Fellow 

Speakers: 

• James Shires, Co-Director, Virtual Routes 

• Bassant Hassib, Assistant Professor of Political Science in the University of London Programmes (LSE), European Universities in Egypt (EUE) 

• Anwar Ghais, Researcher in International Relations and International Law 

James Shires, Co-Director, Virtual Routes 

• Iran is both a perpetrator and a victim of cyber warfare. It has engaged in offensive cyber operations targeting critical infrastructure in the Gulf, while also facing cyberattacks from  Israel and the U.S. 

• Iran’s cyber activities can be categorized into destructive attacks on infrastructure (e.g., Shamoon attack on Aramco), intelligence-gathering operations (hacking and leaking sensitive data), and disinformation campaigns designed to influence public opinion. 

• Cyber conflicts between Iran and Israel have escalated in recent years, often below the threshold of conventional warfare. Iranian-backed actors have targeted Israeli critical infrastructure, while Israel has conducted cyber operations against Iran’s energy and transportation sectors. 

• Iranian cyber actors sometimes operate outside direct state control, using ransomware for financial gain while still advancing state interests. This decentralized approach makes attribution difficult, complicating global cybersecurity responses. 

• The Gulf states have been heavily investing in cybersecurity, but they face strategic dilemmas regarding technology partnerships. The competition between Chinese and Western firms, particularly in AI and cloud computing, forces states to balance security concerns with economic opportunities. 

• While Gulf states are increasing collaboration on cyber resilience, differing relationships with international technology providers—such as Huawei versus Western firms—create complexities in forming unified cybersecurity policies. The geopolitical rivalry between China and the U.S. is influencing these decisions. 

Bassant Hassib, Assistant Professor of Political Science in the University of London Programmes (LSE), European Universities in Egypt (EUE) 

• Since October 2023, there has been an increase in cyber threats from both state-sponsored actors and hacktivists, particularly in response to the war in Gaza. Cyberattacks, including distributed denial-of-service (DDoS) attacks, hack-and-leak operations, and defacement campaigns, have targeted various sectors, including media, government, and humanitarian organizations. 

• Telegram has been a central platform for coordinating cyberattacks due to its anonymity and rapid communication features. However, governments have pressured Telegram to provide access to user activities, highlighting the role of private technology companies in geopolitical conflicts. 

• Cutting off internet access has been used as a strategic tool in the Israel-Palestine conflict, particularly in Gaza. The control of internet infrastructure by Israel has enabled mass surveillance, censorship, and disruption of real-time reporting of the war. This has also contributed to the spread of disinformation due to the lack of firsthand verification. 

• The practice of doxing, meaning publicly sharing personal information of activists, students, and academics, has escalated, particularly targeting individuals critical of Israel. Websites like Canary Mission have been dedicated to exposing pro-Palestinian individuals, leading to real-life threats and professional repercussions. 

• AI-driven military technologies, such as Israel’s AI-assisted targeting system (Habsora and Lavender), have been used to accelerate bombing operations in Gaza. These systems estimate casualties in advance, raising serious ethical concerns about autonomous warfare and the accountability of AI-powered military decisions. 

• Digital infrastructure projects, including submarine internet cables and cloud computing collaborations, are reshaping state relations. Countries like the UAE and Israel have leveraged cybersecurity cooperation as a diplomatic tool, facilitating broader diplomatic recognition through technological collaboration. 

Anwar Ghais, Researcher in International Relations and International Law 

• The evolving cyber alliances between the U.S.-Israel coalition and Iran’s partnerships with Russia and other regional actors are redefining geopolitical power dynamics. These alliances are formed based on shared security concerns, but they also introduce risks of escalating cyber warfare. 

• Many Middle Eastern states are prioritizing cyber sovereignty alongside digital transformation initiatives. This stems from historical violations of state sovereignty through cyberattacks, leading to a push for stronger national cybersecurity frameworks. 

• After the 2012 Shamoon cyberattack on Saudi Aramco, Gulf states, particularly Saudi Arabia and the UAE, enhanced their cybersecurity measures. The U.S.-UAE cyber agreement exemplifies how Gulf states are collaborating with external partners to bolster digital resilience. 

• Cyberattacks on state infrastructure are increasingly being used as tools of warfare, but international law has yet to establish clear regulatory frameworks. There is a pressing need for global conventions to regulate cyber conflicts and protect digital sovereignty. 

• Israel’s control over Palestinian telecommunications has created an asymmetric cyber conflict. Despite limited capabilities, Palestinian cyber actors have engaged in cyberattacks against Israeli systems. These efforts highlight the role of cyber warfare as a tool for weaker actors to challenge technologically dominant adversaries. 

• Unlike state-backed cyber alliances seen in other regional conflicts, Palestinian cyber efforts have largely relied on decentralized networks of hackers rather than official government partnerships. However, international actors must address the digital human rights violations occurring in occupied territories. 

The webinar concluded with a Q & A session where panelists addressed audience questions on key cybersecurity issues, including the challenges of attributing cyberattacks, the geopolitical implications of AI in warfare, and the role of digital infrastructure in state recognition. Panelists highlighted the increasing complexity of cyber conflicts, where private actors and state-backed cyber criminals blur the lines of responsibility. They also debated the ethical concerns surrounding AI-powered surveillance and cyber warfare, particularly in occupied territories like Palestine. The conversation concluded with insights on how Middle Eastern states can strengthen their cybersecurity frameworks through education, investment in local expertise, and regional cooperation, emphasizing the need for legal frameworks to regulate cyber conflicts and protect digital sovereignty.