Since January 8, amid nationwide protests driven by economic collapse, inflation, and open calls for regime change, Iranian authorities have imposed one of the longest internet blackouts in the country’s history. Now entering its third week, the shutdown has plunged more than 92 million people into informational darkness, crippling communication, reporting, and basic services while concealing a violent crackdown that has killed thousands.
By extinguishing visibility, the regime has shown how dominance over communications infrastructure can neutralize coordination and insulate repression from scrutiny. The blackout functions less as censorship than as an operational enabler, transforming digital control into a mechanism for managing society itself.
Digital Control as an Instrument of Regime Survival
The implications extend far beyond Iran. America’s adversaries are absorbing an important lesson: in modern conflicts between state and population, mastery of communications infrastructure can be as decisive as material force. Digital isolation compresses timelines and allows coercion to outpace accountability. Applied more broadly, this logic points toward the systematic use of advanced cyber and surveillance capabilities to penetrate encrypted channels, map opposition networks, and suppress resistance before it becomes politically visible, offering a replicable model for regime survival in an era of mass connectivity.
At the same time, it would be strategically reckless to ignore the indispensable role these same capabilities play for the United States and its partners when used for security rather than control.
The attacks of October 7 and the subsequent war demonstrated what is lost when states lack timely digital intelligence. In the immediate aftermath, when hundreds of civilians were abducted from their homes and from a music festival in a coordinated assault by Hamas, cyber and signals intelligence, such as metadata analysis and lawful communications interception, proved critical in reconstructing movements, identifying networks, and locating hostages. In many cases, access to digital traces marked the difference between recovery and disappearance, between situational awareness and strategic blindness. For states confronting terrorism and transnational crime, cyber intelligence is foundational.
How States Deploy Cyber Capabilities
The dividing line, therefore, is not technological capability but strategic purpose and institutional constraint. In the Western model, these tools are meant to preserve visibility in the face of genuine security threats, bounded by legal authority, oversight, and accountability. Among America’s adversaries, the same tools are increasingly oriented inward, designed to suppress political challenge, manage populations, and preserve power. This divergence defines the central tension of the digital age: how to maintain the visibility required for security without adopting the logic of control that now characterizes the coercive playbook of US adversaries.
This dynamic, for example, is evident in China’s approach to digital privacy and communications. On platforms such as WeChat, politically sensitive messages and content are routinely censored, and users have been detained for allegedly spreading “rumors” online. While WeChat employs encryption between users’ devices and the platform’s servers, communications are not end-to-end encrypted in the manner common in the Western world, meaning that content can, in principle, be accessed by the platform’s operator, Tencent, and by state authorities.
Indeed, Washington is no longer approaching offensive cyber capabilities as a peripheral issue. Recent reporting by Bloomberg indicates that the White House is preparing a national cyber strategy that would enlist private companies in more assertive operations against criminal and state-sponsored hackers, explicitly encouraging the use of commercially developed offensive cyber technologies. This shift reflects a broader recognition in Washington that cyber capabilities are now embedded in core national security doctrine rather than treated as auxiliary tools. More importantly, at this point, the central question is not whether offensive cyber capabilities should exist. They already do. While the United States and its partners debate how to govern them, America’s adversaries are moving ahead with fewer constraints and clearer doctrine.
China’s Model: Cyber Power as Continuous Governance
China has fully integrated cyber operations into its conception of state power, treating control over data flows, networks, and digital platforms as a strategic domain on par with land, sea, air, and space. In 2019, researchers at Google’s Project Zero uncovered a series of iOS vulnerabilities exploited through compromised websites frequented by Uyghur users—a Muslim population subjected to pervasive state surveillance—allowing malicious code to be silently delivered to their devices. Independent security researchers widely assessed the campaign as state-linked and explicitly designed for long-term monitoring of the ethnic minority.
Beijing makes no meaningful distinction between internal security and external competition. Cyber capabilities are not viewed as tools for episodic crisis response, but as instruments for shaping political behavior, information environments, and social control over time. This governing logic—continuous, embedded, and preventive rather than reactive—is increasingly attractive to regimes seeking to manage dissent at home while reinforcing deterrence abroad through digital means.
Iran’s Adaptation: Importing and Localizing the Model
In parallel, Iran has steadily internalized this logic well beyond moments of protest. Over the past decade, Tehran has expanded its cyber units, developed offensive capabilities targeting foreign infrastructure, and constructed a parallel domestic internet designed to give the state granular control over access, content, and attribution. They are part of a broader strategy to insulate the regime from pressure, manage information flows, and impose costs on adversaries while reducing Iran’s vulnerability to sanctions, surveillance, and internal unrest. This evolution reflects learning rather than improvisation and closely mirrors elements of the Chinese model.
The spread of these practices creates a selection effect in international politics. As cyber and surveillance capabilities become central to regime survival, they do not merely strengthen existing governments; they advantage a particular type of state. Regimes willing to suppress dissent preemptively and manage society through digital control tend to be more durable than those that rely on slower, consent-based mechanisms. Over time, this dynamic favors governments optimized for endurance through coercion rather than stability through legitimacy, reshaping which political systems are most likely to survive periods of stress.
Why Governance of Cyber Power Is a Strategic Imperative for the United States
For the United States, this challenge extends beyond regulation or abstract norms. Establishing standards for lawful use, authorization, and accountability is not an exercise in restraint for its own sake. It is a means of shaping the operating environment before it is defined by adversarial doctrine. The task ahead is not simply to acquire offensive cyber capabilities, but to govern them in a way that preserves their security value without reproducing the logic of control now being refined by America’s adversaries. If Washington fails to set these boundaries, it risks competing in a domain whose rules, incentives, and outcomes have already been written by others.
This is where the US–Israel security ecosystem becomes strategically decisive. Many of the most advanced cyber capabilities now entering Western doctrine originate in Israel, not as abstract innovations or instruments of regime management, but as operational responses to sustained pressure from terrorist networks, hybrid warfare, and state-sponsored proxies. Unlike China or Iran, Israel has been forced to integrate cyber intelligence into continuous crisis management, where failure produces immediate civilian casualties, hostage situations, and strategic surprise rather than deferred political costs.
Israel’s Approach to Cyber Intelligence
The events of October 7 illustrate how this environment shapes doctrine. In the aftermath of the attack by Hamas, as Israel simultaneously confronted escalation from Hezbollah along its northern border and sustained strategic pressure from Iranand its regional proxies, cyber and signals intelligence capabilities were directed toward restoring visibility after chaos rather than imposing silence. These tools were used to reconstruct movements, map hostile networks, and locate abducted civilians whose survival depended on speed and accuracy, while also disrupting follow-on attacks across multiple theaters. Capabilities that, in other contexts, are associated with population monitoring or political control were applied here as instruments of triage, tightly linked to concrete threats and time-sensitive decisions.
Israel emerged as a major actor in this domain in part because it was never a member of the Five Eyes intelligence framework. Operating in a uniquely hostile regional environment, it was forced to develop independent cyber and signals intelligence capabilities to overcome end-to-end encrypted communications that terrorist organizations, including al-Qaeda and its successors, have long used with lethal effectiveness. That experience shaped an approach that is less focused on abstract surveillance power and more on rapid attribution, operational clarity, and decision-grade intelligence under pressure.
Washington and its allies unquestionably possess the intellectual and technological capital to compete in this arena. But when such capabilities are required at scale, they must rest on clear and legitimate legal frameworks that allow democratic states to defend themselves without normalizing abuse or enabling diffusion to adversaries. This is where the combined experience and strategic alignment of the United States and Israel offer a distinctive advantage: operational rigor forged under constant threat, paired with institutional safeguards capable of anchoring advanced capabilities within democratic constraints.
For this reason, Israel represents an incomparable model for countering China’s approach to digital power. It shows how advanced cyber capabilities can be integrated into national security without erasing the boundary between external threat response and internal political control, and how doctrine shaped by real-world failure incentivizes precision, reversibility, and accountability rather than permanence and saturation. Where China treats cyber power as a continuous instrument of governance, Israel’s experience anchors it to necessity, legal constraint, and operational limits.
Setting the Precedent Before Adversaries Do
These distinctions carry direct implications for the United States. The balance between national security and individual privacy will not be settled through ad hoc restraint or unilateral regulation, but through a coordinated framework led by Washington and its partners that governs the development, proliferation, and use of offensive cyber capabilities. Such a framework must establish eligibility standards, design constraints, national-level limits, and credible mechanisms for oversight and accountability.
The window for doing so is narrowing. Cyber power is becoming increasingly predictive rather than reactive, enabling states to infer intent and intervene earlier, while offensive capabilities are being integrated into peacetime governance and crisis management alike, blurring lines that once separated external security from domestic control. Without agreed rules, practices adopted under pressure will harden into precedent, shaping global norms by default rather than design.
Indeed, only a shared and enforceable framework can ensure that high-precision cyber tools enhance security without corroding legitimacy, anchoring their use in principles that preserve public trust and draw a durable boundary between protecting societies and managing them in an era when technological power increasingly blurs the difference.
Seen this way, the US–Israel cyber relationship is not marginal to the contest with China; it is the fulcrum. America’s adversaries are using Iran to refine a model of digital control designed to preserve regimes. The United States should be working with Israel to operationalize an alternative model, one that uses cyber power to protect lives without entrenching repression. The contest is not over technology itself, but over which operational logic becomes a global precedent.
Read the article co-authored with Reut Yamen in The National Interest.