Iranian threats to European security are no longer limited to ballistic missiles or proxy militias.
Today, cyberspace has become the regime’s most effective arena for penetrating democratic states, relying on a sophisticated network of shell companies that operate as seemingly legitimate fronts for hostile intelligence activity.
Sweden—with its open business environment and advanced digital infrastructure—has unintentionally become one of the key hubs for this activity.
European security investigations point to a recurring pattern: companies legally registered in Sweden, ostensibly active in software, technical consulting, or cybersecurity, but in practice serving a dual purpose. These entities provide legal cover for collecting sensitive information, including data on European government institutions, defense and energy companies, Iranian regime opponents in exile, and research centers and investigative journalists.