Skip to main content

San Diego Military & Defense Monitor — Special Counter Intelligence Report


Counterintelligence  ·  Contractor Security  ·  Cyber Threats
⚠  Elevated Threat Environment  |  Active Conflict with Iran  |  FBI Counterintelligence Advisory in Effect   ⚠
Special Investigative Section

In Iran's Crosshairs: The Threat to San Diego's Defense Contractors

From cyber intrusion to assassination plots, component theft to insider recruitment — Iran's multi-vector campaign against America's defense-industrial base puts General Atomics, Northrop Grumman, and their employees at the center of an undeclared war already playing out on U.S. soil.

Drawn from DOJ court filings, FBI testimony, Treasury sanctions records, and cybersecurity research Published: March 11, 2026
  • 70+ Iran-related arrests by FBI since Jan. 20, 2025
  • 32 Entities sanctioned Nov. 2025 for Iran missile/UAV procurement
  • 4 Documented IRGC assassination plots on U.S. soil, 2022–2025
  • 2013 Year APT33 began targeting U.S. aerospace/defense firms

General Atomics Aeronautical Systems builds the aircraft that killed Qasem Soleimani. That sentence alone explains why the Poway-based drone manufacturer and its San Diego-area peers occupy a uniquely dangerous position in Iran's threat calculus — and why, with the United States now conducting large-scale military operations against Iran under Operation Epic Fury, the threat to defense contractors in this region has escalated from chronic to acute. Iran's Islamic Revolutionary Guard Corps (IRGC) and its intelligence affiliates do not distinguish neatly between military and civilian targets. In their operational doctrine, the engineer who designs the navigation system for an MQ-9 Reaper, the program manager who oversees drone production at General Atomics, and the subcontractor supplying servo motors to an aerospace prime are all legitimate targets — for espionage, for intellectual property theft, for technology diversion, and, as documented federal court cases now make plain, potentially for physical harm.

This section examines the documented and assessed threats to San Diego's defense-industrial base across four distinct but overlapping threat vectors: cyber intrusion by state-sponsored hacking groups, insider recruitment and personnel targeting, component theft and supply-chain infiltration, and physical threats including surveillance and the assassination plotting that Iran has aggressively pursued against Americans on U.S. soil since the 2020 killing of Soleimani. All four vectors are active. All four have documented precedents in federal court records, Treasury sanctions filings, and FBI counterintelligence advisories. The onset of active military hostilities has elevated each of them.

Vector One

Cyber Intrusion: Iran's State-Sponsored Hacking Groups Are Targeting Aerospace and Defense Right Now

Iran has built one of the world's most capable state-sponsored cyber espionage programs, and its primary focus — documented consistently since at least 2013 — has been the aerospace, defense, and energy sectors that dominate San Diego's economy. Three Iranian Advanced Persistent Threat (APT) groups are of particular concern to local contractors, and all three are currently active.

APT33

Also: Elfin / Peach Sandstorm / Refined Kitten / Magnallium

Assessed with high confidence to operate on behalf of the IRGC. Active since 2013, APT33 has compromised U.S. aerospace organizations, Saudi petrochemical firms, and defense contractors globally. Between 2023 and 2025, the group shifted toward quieter identity-based attacks, password spraying thousands of organizations, and leveraging Microsoft Azure for persistent access. In 2024, introduced new custom malware families including "Tickler" and "FalseFont."

Primary targets: Aerospace · Defense · Satellite Communications · Energy

APT34 / OilRig

Also: Helix Kitten / MuddyWater / Seedworm

Linked to Iran's Ministry of Intelligence and Security (MOIS). Primarily conducts espionage against government entities, financial services, telecommunications, and defense contractors. Uses spear-phishing, credential harvesting, and custom backdoors. In January 2026, launched "Operation Olalampo" — a campaign introducing four new malware families (CHAR, GhostBackDoor, GhostFetch, HTTP_VIP) written in Rust, demonstrating AI-assisted development.

Primary targets: Defense Contractors · Government · Telecommunications

UNC1549

Also: CURIUM / Tortoise Shell / Crimson Sandstorm

The fourth most active Iranian threat actor in the second half of 2025, UNC1549 has focused specifically on defense, aerospace, telecommunications, and regional government entities — aligning operations closely with Iran's geopolitical priorities. Its targeting pattern maps almost precisely onto San Diego's defense contractor ecosystem.

Primary targets: Defense · Aerospace · Telecom · Government

APT35 / APT42

Also: Charming Kitten / Mint Sandstorm

A complementary branch focused on human-centric targeting and long-term intelligence collection. Specializes in sophisticated social engineering against policymakers, academics, journalists, and individuals with access to sensitive decision-making. Operations begin outside corporate networks — targeting personal email, LinkedIn, and other channels — before pivoting to internal systems.

Primary targets: Personnel with clearances · Policymakers · Technical experts

The acceleration of Iranian cyber activity in direct response to military escalation is already documented. Nozomi Networks, which tracks Iranian APT groups in real time, reports a systematic increase in activity associated with Iran-linked threat actors since the onset of the current conflict, with MuddyWater and APT33 identified as the most active groups in the early weeks of hostilities. The manufacturing and transportation sectors have been the most targeted, but defense contractors represent a priority intelligence collection objective that these groups have pursued continuously for over a decade.

APT33's tradecraft is particularly well suited to penetrating defense contractor environments. The group has transitioned between 2023 and 2025 toward quieter identity-based attacks — exploiting stolen credentials, using improved modular implants, and advancing operational security measures. The group has begun leveraging Microsoft Azure and Microsoft 365 for persistence and lateral movement, and has begun collaborating more extensively with APT34 and MuddyWater, sharing tools and infrastructure in ways that suggest a unified Iranian cyber command.

The initial access method most commonly used against defense contractors deserves specific attention. APT33 has sent spear-phishing emails to employees whose jobs relate to the aviation industry, using recruitment-themed lures with links to malicious files that appear to reference legitimate job postings on popular employment websites. The malicious files contain embedded code that automatically downloads a custom APT33 backdoor — invisible to the user, who sees only what appears to be a routine job description. For a region like San Diego, where thousands of cleared engineers and program managers are always aware of opportunities at competing contractors, this vector is highly effective.

"Iranian state-backed cyber operations have evolved into a disciplined, repeatable capability that prioritizes identity compromise, social engineering, and abuse of trusted enterprise services over technically complex exploitation."

— UltraViolet Cyber Federal, Q3 2025 Threat Advisory

For security leadership at defense contractors, the strategic risk is not confined to malware or perimeter defenses, but to the integrity of identity systems, email platforms, and the human layer that surrounds them. APT33 consistently exploits gaps in identity monitoring rather than endpoint security weaknesses — organizations that lack visibility into authentication patterns, token issuance, and administrative changes remain particularly vulnerable. The implication for General Atomics, Northrop Grumman, and NAVWAR's contractor community is direct: traditional firewall-centric defenses are insufficient against an adversary that has learned to live inside corporate cloud infrastructure while appearing to be a legitimate administrator.

Vector Two

Component Theft and Technology Diversion: Iran Is Actively Stealing U.S. Drone Technology

The irony confronting General Atomics is not merely that Iran wants to destroy its products — it also wants to replicate them. Iran's military-industrial complex has made the acquisition of Western drone technology a top priority, and federal prosecutors have documented a persistent, sophisticated effort to steal or divert U.S.-manufactured components — including components used in systems very similar to those produced in Poway.

Federal Court Filing — Key Case

U.S. v. Sadeghi & Abedini — MEMS Components for Iranian Attack Drones (2024)

Federal prosecutors charged two men with conspiring to export U.S.-origin Micro-Electro-Mechanical Systems (MEMS) — the inertial navigation components used in precision guidance systems — from Analog Devices through a Swiss front company to Iran. From 2016 to 2024, the defendants procured MEMS and technical data from Analog Devices and other U.S. manufacturers and reexported them to Iran. Because of MEMS' small size — most are invisible to the naked eye — the defendants transported the items in their luggage on passenger flights. Some of these components were used in Iranian Shahed navigation systems — integral parts of Iranian attack drones.

On January 28, 2024, an Iranian-produced Shahed-101P attack drone struck Tower 22 in northern Jordan, killing three U.S. service members. The connection between stolen American navigation technology and American casualties in the field could not be more direct.

Source: IranWatch.org / U.S. Department of Justice, District of Massachusetts, December 2024

The Tower 22 case is not an isolated incident. Iran almost certainly leverages overseas distributors or resellers — sometimes through multiple transactions — to put distance between the initial export license-approved commercial sale and the ultimate Iranian end user. Key drone components are dual-use and small, such as circuit board components, GPS or navigational equipment, microchips, microprocessors, and microcontrollers, making them particularly difficult to control. For San Diego-area defense firms with complex global supply chains, this means that components manufactured or designed locally may find their way into Iranian military systems through intermediaries that appear, on paper, to be legitimate commercial purchasers.

In April 2025, the Justice Department charged two Iranian nationals and their company, Rah Roshd International Trade Exchanges Development, with conspiring to procure U.S. parts for Iranian UAVs and provide material support to the IRGC. The company contracted directly with U.S.-sanctioned Qods Aviation Industries — Iran's premier drone manufacturer — to supply crucial components including servo motors for combat drones like the Mohajer-6. A Mohajer-6 drone used by Russian forces in Ukraine was found to contain U.S.-manufactured parts after being shot down, providing physical evidence of the procurement pipeline's reach.

How Iran Acquires U.S. Defense Technology: Documented Methods

  • Front Companies: Iranian procurement agents establish shell companies in the UAE, China, Hong Kong, Germany, and Turkey to purchase dual-use components from U.S. manufacturers and distributors under false end-user declarations
  • Transshipment: Components purchased in Switzerland, the UK, or EU nations are reexported to Iran, often by individuals carrying items as personal luggage to avoid customs screening
  • Academic and Research Channels: Iranian nationals on student or researcher visas access university labs and contractor facilities with defense-relevant research programs; some have documented ties to IRGC-funded institutions
  • Cyber Theft: APT33, APT34, and UNC1549 conduct network intrusions targeting engineering databases, CAD files, technical specifications, and proprietary manufacturing processes at aerospace and defense firms
  • Cleared Contractor Recruitment: Iranian intelligence services approach recently separated defense workers — particularly those facing financial stress — via LinkedIn, professional conferences, and personal contacts, offering consulting fees for technical disclosures
  • Supply Chain Infiltration: Tier 2 and Tier 3 suppliers to major primes like General Atomics are targeted as softer entry points; their security postures are typically weaker than those of the prime contractor

The scale of Iran's technology acquisition effort is reflected in the breadth of U.S. government countermeasures. In November 2025, the U.S. Treasury Department's Office of Foreign Assets Control sanctioned 32 individuals and entities across Iran, the UAE, Turkey, China, Hong Kong, India, Germany, and Ukraine for operating multiple procurement networks supporting Iran's ballistic missile and UAV production. The geographic spread of the network — spanning three continents and every major trading hub — illustrates the scale of the challenge facing export control enforcement and the counterintelligence offices charged with protecting local contractors.

Vector Three

Insider Threats and Personnel Targeting: The Human Vulnerability

The most persistent and difficult-to-counter threat vector against San Diego's defense contractors is the human one. Iranian intelligence services — both the IRGC Intelligence Organization and the Ministry of Intelligence and Security — have developed a systematic methodology for identifying, approaching, and recruiting individuals with access to sensitive programs. The methodology is well documented in federal court records, FBI counterintelligence advisories, and academic analysis of Iranian intelligence tradecraft.

The targeting process typically begins with open-source research. Iranian intelligence officers — often operating under diplomatic cover or through diaspora community networks — compile profiles of cleared employees at major defense contractors using LinkedIn, academic publications, professional conference appearances, and social media. Individuals of Iranian heritage are of particular interest, not primarily because of any presumed disloyalty, but because they represent a population that Iranian intelligence believes it can coerce through family members remaining in Iran. The approach, when it comes, is typically indirect: a message through a professional networking site, an invitation to a conference, or contact through an intermediary who appears to have no connection to the Iranian government.

Federal Court Filing — Personnel Targeting

Former FAA Contractor Indicted for Acting as Iranian Government Agent (2024)

In September 2024, a former FAA contractor was indicted for illegally acting as an agent of the Iranian government — one of a series of cases in which individuals with access to sensitive technical information were recruited by Iranian intelligence to provide information or conduct surveillance on behalf of Tehran. The case illustrates that Iran's recruitment efforts are not limited to defense industry employees but extend to any individual with access to information about U.S. government systems, programs, or personnel.

Source: FBI.gov — The Iran Threat, updated 2025

For General Atomics specifically, the personnel threat has a dimension that extends beyond information collection. The MQ-9 Reaper and its successor platforms have been used repeatedly to kill senior IRGC figures, and the IRGC has demonstrated — through multiple prosecuted cases — that it is willing to use recruited assets to conduct violence against Americans on U.S. soil. Program managers, senior engineers, and executives at GA who have public profiles connecting them to the Reaper program could plausibly be identified as targets for the kind of physical surveillance and harm-facilitation operations that federal prosecutors have documented in at least four separate cases since 2022.

Vector Four

Physical Threats: Iran's Assassination Campaign Reaches U.S. Soil

The most alarming dimension of the Iran threat to San Diego's defense community is also the most difficult to discuss with precision, because the operational details of ongoing investigations are necessarily classified. What is publicly documented, through federal court records and official statements, is a pattern of Iranian-directed physical threat operations against Americans on U.S. soil that is without modern precedent in its scale and persistence.

Aug. 2022
DOJ Charges Iranian National in Bolton Assassination Plot

Federal prosecutors charged Shahram Poursafi, identified as an IRGC member, with attempting to hire assassins to kill former National Security Advisor John Bolton and former Secretary of State Mike Pompeo, offering $300,000 for the Bolton killing. The DOJ explicitly linked the plot to Iran's desire for retribution over the January 2020 killing of Soleimani. The case established that Iran was prepared to conduct lethal operations against former senior U.S. officials on American soil.

Source: U.S. Department of Justice, Office of Public Affairs, August 10, 2022
Oct. 2024
IRGC Brigadier General Charged in Murder-for-Hire Network

U.S. prosecutors announced murder-for-hire charges against an IRGC Brigadier General and former intelligence officer, along with members of an Iranian intelligence network, for directing a series of assassination plots against U.S. targets. The charging of a serving flag officer of the IRGC marked a significant escalation in the public documentation of Iran's operational posture against the U.S. homeland.

Source: FBI.gov — The Iran Threat / U.S. Attorney's Office, October 22, 2024
July 2024 — Convicted Mar. 2026
IRGC Operative Asif Merchant Convicted of Terrorism and Murder-for-Hire

Asif Merchant, a Pakistani national who admitted working for the IRGC, was convicted of terrorism and murder-for-hire after arriving in the United States in April 2024, meeting with purported hitmen — who were actually undercover FBI agents — in June, and being arrested in July 2024 before he could leave the country. Merchant admitted the IRGC sent him to arrange political assassinations and steal documents. Federal prosecutors presented evidence that Merchant's intended targets included then-candidate Donald Trump, and that his IRGC handler was expected to help fund the operation. The case was under active trial in a New York federal court as Operation Epic Fury commenced in late February 2026.

Source: U.S. Department of Justice, March 6, 2026; Associated Press trial coverage
Dec. 2024
IRGC Founder Arrested for Providing Material Support — and Procuring Technology for Drones That Killed U.S. Troops

The founder of an Iranian company was arrested for providing material support to the IRGC and for a scheme to procure sensitive U.S. technology for use in IRGC military drones — one of which had killed three U.S. service members in the Tower 22 attack. The convergence of technology theft and lethal violence in a single case encapsulates the full spectrum of the Iranian threat to the defense contractor community.

Source: FBI.gov — The Iran Threat, December 16, 2024
March 2024
FBI Alert: Iranian Agent Orchestrating Assassination Plots Including Against Former Secretary Pompeo

The FBI's Miami field office issued a public alert regarding Iranian national and intelligence agent Majid Dastjani Farahani, accused of orchestrating assassination plots against U.S. officials including former Secretary of State Pompeo. According to the FBI, Farahani was recruiting individuals for various operations inside the United States, including lethal targeting of current and former U.S. government officials as revenge for the killing of Soleimani.

Source: FBI Public Alert, March 5, 2024; U.S. Treasury Department Sanctions Designation

The FBI has drawn an explicit link between this assassination campaign and the defense community. In congressional testimony, FBI officials stated that the bureau believes Iran is capable of a variety of attack options against U.S. targets, including cyber operations intended to sabotage public and private infrastructure, and targeted assassinations of individuals deemed to be a threat to the regime or its stability. Defense contractor executives, senior program managers, and cleared engineers whose work directly supports the platforms now being used against Iran fall squarely within the category of individuals Iran might deem threats to its stability.

"Iran continues to plot attacks against former government officials in retaliation for the January 2020 death of IRGC Quds Force Commander Qassem Soleimani. This was not the first attempt by Iran to harm Americans on U.S. soil."

— FBI Director Kash Patel, March 6, 2026, upon conviction of Asif Merchant

The FBI's Iran Threat to the Homeland reporting notes that across all adversary threat streams, the Bureau made over 70 arrests protecting the country from foreign intelligence activity since January 20, 2025 alone. The Iran Threat to the Military Community (ITMC) center, established to synchronize intelligence and operations on cyber, counterintelligence, and counterterrorism threats from Iran, has elevated its activity in direct response to the current conflict. For San Diego's defense contractors, the practical implication is that the FBI's local field office and NCIS counterintelligence personnel are operating under an elevated operational tempo that matches the threat environment — but that the threat environment itself is unprecedented in the post-Cold War era.

The Soleimani Connection

Why General Atomics Occupies a Special Place in IRGC Targeting

No analysis of the threat to San Diego's defense contractors is complete without confronting the specific symbolic and operational significance of General Atomics' role in the killing of Qasem Soleimani on January 3, 2020. The MQ-9 Reaper that conducted the strike near Baghdad International Airport was built in Poway. Its targeting systems, its communication links, its airframe — all were the product of the workforce that reports to work every day in San Diego's North County.

For the IRGC and for Iran's political leadership, Soleimani was not simply a military commander. He was the architect of Iran's regional strategy, the builder of its proxy network, and — in the eyes of the theocratic government — something approaching a national saint. Supreme Leader Khamenei, who himself was killed in U.S. strikes earlier this month according to current reporting, had repeatedly and publicly pledged that revenge for Soleimani's death was a certainty. That pledge was not merely rhetorical: the Bolton plot, the Pompeo plot, the Merchant conviction, and multiple other disrupted operations were all explicitly linked by federal prosecutors to the Soleimani retribution imperative.

General Atomics is not a household name in the way that Boeing or Lockheed Martin is. But within the IRGC's intelligence apparatus, the company that built the aircraft that killed their most revered commander is almost certainly well documented. The FBI's Domestic Security Alliance Council (DSAC), which maintains classified threat briefing relationships with major defense contractors, has reportedly conducted specific briefings for GA security personnel on the elevated threat environment. The company's security posture — including employee awareness programs, executive protection protocols, and cyber defense measures — is not publicly disclosed, for obvious reasons.

What This Means for the Region

Threat Assessment Table: San Diego Defense Contractors Under Operation Epic Fury

Threat Vector Primary Actors Key Targets in San Diego Documented Precedent Severity
Cyber Intrusion / IP Theft APT33, APT34/MuddyWater, UNC1549 GA-ASI (drone systems), NAVWAR, Northrop Grumman (C4ISR), L3Harris APT33 active against U.S. aerospace since 2013; "Operation Olalampo" launched Jan. 2026 Critical
Component Diversion / Export Theft IRGC procurement networks, front companies in UAE/China/Turkey Tier 2-3 suppliers to GA-ASI, Northrop, BAE; semiconductor distributors Tower 22 drone contained stolen U.S. MEMS; Rah Roshd indictment Apr. 2025 Critical
Insider Recruitment IRGC-IO, MOIS; Iranian-American community networks used as access vectors Cleared engineers and program managers at all major primes; recently separated personnel Multiple Navy sailor targeting cases; FAA contractor indictment Sept. 2024 High
Physical Surveillance of Facilities IRGC intelligence officers operating under cover; recruited cutouts GA-ASI Poway campus; Gray Butte Flight Ops; NAVWAR; NAS North Island perimeter FBI DSAC threat briefings; Iranian agent Farahani surveillance network (2024) High
Assassination / Physical Harm to Personnel IRGC-QF; IRGC-IO; recruited criminal networks Senior GA-ASI leadership; Reaper program managers with public profiles; former DoD officials now in contractor roles Bolton plot (2022); Merchant conviction (2026); 4+ DOJ-prosecuted plots since 2022 High
Disinformation / Influence Operations APT35/Charming Kitten; IRGC-linked social media operations Military family communities; contractor employee social networks; local media IRGC cyber actors indicted for 2024 election hack-and-leak operation (Sept. 2024) Medium

What Defense Contractors and Their Employees Should Know

Report Unusual Contact

Any unsolicited professional contact — especially via LinkedIn, WhatsApp, or encrypted messaging apps — from individuals claiming to represent foreign academic institutions, consulting firms, or media organizations should be reported to your facility security officer (FSO) immediately. This is especially true for individuals with apparent connections to Iran or Iranian diaspora networks.

Review Social Media Exposure

Employees working on sensitive programs should audit their public social media presence. Connections to specific programs, vehicles, weapons systems, or operational details visible in personal photos or posts are exactly the kind of open-source intelligence that Iranian targeting teams use to build profiles of potential recruitment targets or physical surveillance subjects.

Supply Chain Vigilance

Procurement officers and program managers should scrutinize new vendor relationships and unusual purchase order patterns from existing suppliers. Iranian procurement networks specifically target Tier 2 and Tier 3 suppliers as softer entry points. Unusual routing through UAE, Turkish, or Hong Kong intermediaries for components with UAV or precision guidance applications warrants immediate escalation.

Identity and Access Hygiene

Password spraying — trying a small number of commonly used passwords against a large list of accounts — is APT33's most documented initial access method. Multi-factor authentication, anomalous login monitoring, and privileged access management are the most effective defenses against the current Iranian cyber threat to contractor networks.

The FBI maintains reporting hotlines and conducts regular threat briefings for cleared defense contractors through the Domestic Security Alliance Council (DSAC) and the Defense Counterintelligence and Security Agency (DCSA). Employees of cleared defense facilities who observe suspicious activity or receive unusual contact approaches should report to their facility security officer, to the FBI San Diego Field Office at (858) 565-1255, or to NCIS at 1-877-843-6247. During active hostilities, the threshold for reporting should be lower, not higher.

Sources & Formal Citations

  1. Brandefense. "APT33 (Elfin / Refined Kitten): Iran's Longstanding Cyber-Espionage Arm." Brandefense Threat Intelligence, November 11, 2025. https://brandefense.io/blog/apt33-apt-2025/
  2. Nozomi Networks. "Iranian APT Activity During Geopolitical Escalation: Recommendations for Nozomi Customers and Critical Infrastructure Owners." Nozomi Networks Blog, March 2026. https://www.nozominetworks.com/blog/iranian-apt-activity-during-geopolitical-escalation-recommendations-for-nozomi-customers-and-critical-infrastructure-owners
  3. UltraViolet Cyber Federal. "Threat Advisory Special Report: Iranian Threat Actor Group Update." Q3 2025. https://www.uvcyber.com/resources/reports/threat-advisory-special-report-iranian-threat-actor-group-update
  4. GBHackers. "Iranian APT Groups Intensify Cyberattacks on Critical Infrastructure Amid Rising Geopolitical Tensions." March 2026. https://gbhackers.com/iranian-apt-groups/
  5. Recorded Future / The Record. "Iranian APTs Increased Activity Against U.S. Industries in Late Spring." July 10, 2025. https://therecord.media/iran-state-backed-hackers-industrial-attacks-spring-2025
  6. ExtraHop. "The Digital Front of Iranian Cyber Offensive and Defensive Response." March 2026. https://www.extrahop.com/blog/the-digital-front-of-iranian-cyber-offensive-and-defensive-response
  7. Mandiant / Google Cloud. "APT33: Insights into Iranian Cyber Espionage." Google Cloud Blog (original FireEye research). https://cloud.google.com/blog/topics/threat-intelligence/apt33-insights-into-iranian-cyber-espionage
  8. Hedgehog Security. "APT33: The Aerospace Stalker — Cyber Threat Profile." 2025. https://www.hedgehogsecurity.co.uk/blog/apt33-the-aerospace-stalker
  9. TerraZone. "APT33: A Complete Guide to Iran's 'Elfin' Cyber Espionage Group." November 5, 2025. https://terrazone.io/apt-3/
  10. Cyber Defense Magazine. "The Hidden Front: Iran, Cyber Warfare, and the Looming Threat to U.S. Critical Infrastructure." June 24, 2025. https://www.cyberdefensemagazine.com/the-hidden-front-iran-cyber-warfare-and-the-looming-threat-to-u-s-critical-infrastructure/
  11. U.S. Department of Justice, Office of Public Affairs. "Iranian Intelligence Agent Convicted of Terrorism and Murder for Hire in Connection with Foiled Plot to Assassinate U.S. Politicians and Government Officials." March 6, 2026. https://www.justice.gov/opa/pr/iranian-intelligence-agent-convicted-terrorism-and-murder-hire-connection-foiled-plot
  12. Federal Bureau of Investigation. "The Iran Threat." FBI.gov, updated 2025. https://www.fbi.gov/investigate/counterintelligence/the-iran-threat
  13. Federal Bureau of Investigation. "Worldwide Threats to the Homeland." Congressional testimony, December 11, 2025. https://www.fbi.gov/news/speeches-and-testimony/worldwide-threats-to-the-homeland-121125
  14. Associated Press / Washington Times. "A Trial Seeks to Tie Iranian Paramilitary to Alleged Assassination Plot in U.S." March 3, 2026. https://www.washingtontimes.com/news/2026/mar/3/trial-seeks-tie-iranian-paramilitary-alleged-assassination-plot-us/
  15. Iran International. "Hidden Camera Video Outlines Alleged Iran-Linked Plot." February 27, 2026. https://www.iranintl.com/en/202602277263
  16. U.S. House Committee on Homeland Security. "DHS, DEA, FBI, State Provide Testimony on Iran's Growing 'Axis of Resistance.'" March 20, 2024. https://homeland.house.gov/2024/03/20/dhs-dea-fbi-state-provide-testimony-in-open-session-classified-briefing-on-irans-growing-axis-of-resistance/
  17. IranWatch / Wisconsin Project. "U.S. Disrupts Iranian Procurement Scheme Tied to Drone Attacks on U.S. Military Base." IranWatch, 2024–2025. https://www.iranwatch.org/our-publications/international-enforcement-actions/us-disrupts-iranian-procurement-scheme-tied-drone-attacks-us-military-base
  18. U.S. Department of Justice. "Iranian Company and Two Iranian Nationals Charged with Conspiring to Provide Material Support to IRGC and Procure U.S. Technology for Iranian Attack Drones." April 2025. https://www.justice.gov/opa/pr/iranian-company-and-two-iranian-nationals-charged-conspiring-provide-material-support
  19. U.S. Department of the Treasury, OFAC. "Treasury Disrupts Iran's Transnational Missile and UAV Procurement Networks." November 12, 2025. https://home.treasury.gov/news/press-releases/sb0313
  20. Recorded Future / Insikt Group. "Production and Proliferation: Iran's Drone Industry." August 1, 2024. https://go.recordedfuture.com/hubfs/reports/TA-IR-2024-0801.pdf
  21. Foundation for Defense of Democracies. "U.S. Sanctions China-Based Front Companies Procuring Drone Components for Iran." March 3, 2025. https://www.fdd.org/analysis/policy_briefs/2025/03/03/u-s-sanctions-china-based-front-companies-procuring-drone-components-for-iran/
  22. Just the News. "Iranian Official Behind Trump Assassination Plot Killed as U.S. Prosecutes Would-Be Assassin in NYC." March 2026. https://justthenews.com/government/security/irgc-leader-behind-trump-assassination-plot-killed-us-prosecutes-would-be
  23. U.S. Department of the Treasury, OFAC. "Treasury Targets Iranian Weapons Procurement Networks Supporting Ballistic Missile and Military Aircraft Programs." October 1, 2025. https://home.treasury.gov/news/press-releases/sb0270
San Diego Military & Defense Monitor  ·  Special Report: Contractor Threat Assessment  ·  March 11, 2026

 

Comments

Post a Comment

Popular posts from this blog

Major Downtown San Diego Development Returns to Lender as Office Market Struggles Continue

Image
Building 200 at The Campus at Horton, pictured center left in green, includes first- and second-floor retail space. The five-story building also features three floors of office space. (Stockdale Capital Partners, LLC) Flagship $400M Campus at Horton Project Becomes Latest Casualty of Post-Pandemic Commercial Real Estate Crisis AllianceBernstein takes control of Horton Plaza redevelopment after developer defaults on $365.7 million loan The ambitious transformation of San Diego's iconic Horton Plaza mall has officially failed, with lender AllianceBernstein taking control of the $400 million Campus at Horton project following a public foreclosure auction that drew no bidders on Monday. The foreclosure marks the end of a seven-year effort by Los Angeles-based Stockdale Capital Partners to convert the 1980s-era shopping center into a modern mixed-use office campus in the heart of downtown San Diego. The developer lost control of the 10-acre property after defaulting on...
Read more

End of an Era: San Diego Reader Ceases Print Publication After 52 Years

Image
End of an Era: San Diego Reader Ceases Print Publication After 52 Years May 15, 2025 SAN DIEGO — After more than five decades as a staple in San Diego's media landscape, the San Diego Reader has ended its print publication, marking another casualty in the ongoing decline of local print journalism across the United States. The alternative weekly newspaper published its final print edition on February 13, 2025, concluding a 52-year run that began when Jim Holman, then a 26-year-old graduate student, founded the publication in 1972 with an initial press run of 20,000 copies. "It's kind of undeniable that we can't do print anymore," Holman told the Times of San Diego in February, noting that even his own children have abandoned print for digital content. The Reader's new owner, longtime editor Matthew Lickona, who purchased the publication from Holman for just $1 around January 1, had initially hoped to maintain and even expand the print edition. "When...
Read more

Miramar Road property zoned for housing is sold

Image
Miramar Landing Transforming San Diego's Landscape: Commercial to Residential Conversion Takes Shape in Mira Mesa By Claude News Service March 28, 2025 In a significant move that signals the future direction of San Diego's urban development, Pacifica Companies has purchased over 10 acres of land on Miramar Road for $30.6 million, embracing the city's vision to transform commercial areas into high-density residential neighborhoods. The January acquisition of the Miramar Landing shopping center and adjacent properties marks one of the first major investments following the December 2022 adoption of the new Mira Mesa Community Plan. This ambitious blueprint aims to reshape one of San Diego's largest neighborhoods from car-dependent suburban sprawl into a network of pedestrian-friendly urban villages. "We're witnessing the beginning of a fundamental shift in how we utilize commercial spaces in San Diego," said urban planning expert Maria Gonzalez. "Th...
Read more