Skip to main content

Intel: How an Air Force vet’s indictment reveals US vulnerability to Iranian cyber-espionage


The Justice Department handed down a 27-page indictment today charging a former Air Force intelligence officer with passing classified information to the Islamic Revolutionary Guard Corps (IRGC). The indictment also charges four hackers allegedly linked with the Tehran-based military command.

Why it matters: Today’s indictment shows increased Iranian interest in cyberespionage. Drawing upon classified information obtained from Monica Elfriede Witt, IRGC-affiliated hackers attempted to develop malicious software and fake social media profiles to target US-based spy agencies.

The efforts included software to capture keystrokes and break into web cameras, as well as malware-infused attachments passed off as pornographic photos designed to fool US officials into letting Iranian hackers tunnel into their computer networks. They also created fake e-mails and Facebook profiles to befriend unsuspecting US military intelligence officers.

Keep your friends close: Forty years to the week after the US and Iran formally cut off diplomatic relations amid the 1979 Islamic Revolution, today’s indictment helps reveal how deep Tehran’s distrust of Washington really goes. Witt said in communications obtained by investigators that she had difficulty getting over Iranian suspicions, despite embedding herself with members of the IRGC and appearing in anti-US propaganda videos. 

"I just hope I have better luck with Russia at this point,” Witt wrote to an unidentified co-conspirator in 2013, the year she defected. “I am starting to get frustrated at the level of Iranian suspicion.” Days earlier, the Air Force veteran had gone to the Iranian embassy in Kabul and “told all.”

Repeat offender: One of the suspected hackers, Behzad Mesri, was indicted in 2017 by a US district court for attempting to extort $6 million in bitcoin.

What’s next: Just as the Donald Trump administration has called out Iran’s proxy and missile proliferation in the Middle East, expect more naming and shaming of Iranian hackers.

While Witt, far outside the clutches of US law enforcement, is unlikely to get a US court date, the indictment follows a pattern of recent Justice Department targeting of Iranian cybercriminals that dates back to the Barack Obama administration. Last year, a federal grand jury handed down indictments charging two Iranians with launching a 34-month “SamSam” ransomware campaign that locked down computers in hospitals and public agencies and caused $30 million in losses, just months after US officials noticed a string of alleged Iranian cyber thefts in American and foreign universities.

Know more: It’s not just the US that fears digital break-ins from Iran. Read Ben Caspit’s latest on Israeli concerns of Iranian cyber meddling in upcoming elections.

-Jack Detsch

Join hundreds of Middle East professionals with Al-Monitor PRO.

Business and policy professionals use PRO to monitor the regional economy and improve their reports, memos and presentations. Try it for free and cancel anytime.

Already a Member? Sign in


The Middle East's Best Newsletters

Join over 50,000 readers who access our journalists dedicated newsletters, covering the top political, security, business and tech issues across the region each week.
Delivered straight to your inbox.


What's included:
Our Expertise

Free newsletters available:

  • The Takeaway & Week in Review
  • Middle East Minute (AM)
  • Daily Briefing (PM)
  • Business & Tech Briefing
  • Security Briefing
  • Gulf Briefing
  • Israel Briefing
  • Palestine Briefing
  • Turkey Briefing
  • Iraq Briefing

Premium Membership

Join the Middle East's most notable experts for premium memos, trend reports, live video Q&A, and intimate in-person events, each detailing exclusive insights on business and geopolitical trends shaping the region.

$25.00 / month
billed annually

Become Member Start with 1-week free trial
What's included:
Our Expertise AI-driven

Memos - premium analytical writing: actionable insights on markets and geopolitics.

Live Video Q&A - Hear from our top journalists and regional experts.

Special Events - Intimate in-person events with business & political VIPs.

Trend Reports - Deep dive analysis on market updates.

All premium Industry Newsletters - Monitor the Middle East's most important industries. Prioritize your target industries for weekly review:

  • Capital Markets & Private Equity
  • Venture Capital & Startups
  • Green Energy
  • Supply Chain
  • Sustainable Development
  • Leading Edge Technology
  • Oil & Gas
  • Real Estate & Construction
  • Banking

We also offer team plans. Please send an email to and we'll onboard your team.

Already a Member? Sign in

Start your PRO membership today.

Join the Middle East's top business and policy professionals to access exclusive PRO insights today.

Join Al-Monitor PRO Start with 1-week free trial