On 2 March, the British newspaper Financial Times published a detailed investigation titled “Inside the Plan to Kill Ali Khamenei”. The report was built on testimonies from several current and former Israeli intelligence officials, alongside other people familiar with the operation. The narrative presented by the newspaper describes a comprehensive intelligence penetration that continued for years and culminated in the assassination of Iranian Supreme Leader Ali Khamenei on 28 February.
According to this account, almost all traffic cameras in Tehran had been compromised for years, with their footage encrypted and sent to servers in Tel Aviv and southern Israel. The newspaper said one of those cameras had a perfect angle, exposing the location where Khamenei’s personal guards usually parked their vehicles near his compound on Pasteur Street. From that angle, Israeli intelligence built detailed files containing the guards’ home addresses, shift hours, daily routes, and most importantly, which senior official they were protecting.
“Almost all traffic cameras in Tehran had been compromised for years, with their footage encrypted and sent to servers in Tel Aviv.”
According to the investigation, the cameras were only one layer among hundreds of intelligence sources. The newspaper described how Israel disabled components in around 10 telecommunications towers near Pasteur Street, making the phones of the protection team appear busy when contacted, which prevented any warning from getting through. It also noted that social network analysis algorithms combed through billions of data points to map decision-making centres and identify new targets.
Information from Israel’s Unit 8200 signals intelligence division, together with human agents from Mossad and mountains of data processed by military intelligence, all flowed into a single production line with one final product: targets. As Itai Shapira, a reserve brigadier general in the Israeli military and an intelligence expert for more than 25 years, told the British newspaper: “In Israeli intelligence culture, targeting intelligence is the most important tactical issue. If the decision-maker decides that someone must be assassinated, the culture in Israel is: we will provide the targeting intelligence.”
Then came the final and decisive layer mentioned by the newspaper: the Americans had a human source who confirmed that Khamenei would hold a meeting that Saturday morning in his office. Israeli fighter jets, which had been flying for hours, then launched up to 30 precision-guided munitions at the compound. Ali Khamenei was killed instantly, along with his daughter, son-in-law, grandson, and several senior officials.
This is the Western account, shaped by newspapers using Israeli sources. It carries all the hallmarks of a victorious intelligence narrative: impressive technical details and the attribution of superiority to brilliance rather than to the enormous imbalance in power and technology. It is important to note that none of these details came from an Iranian or independent source, and that Israel has a clear interest in portraying the operation as a complete penetration.
Yet even if this account is treated with the caution it deserves, what happened to Iran did not happen because Israel is as brilliant as it wants to appear. It may have happened because Iran suffered from a structural problem: foreign-made surveillance cameras with known vulnerabilities, centralised and non-isolated communications networks, an open digital environment, and a security system designed entirely without being fortified against those observing it from the outside.
Put simply, what Israel and the United States did was exploit structural weaknesses that already existed before any intelligence operation began. The technological superiority is real and clear, but it is not the only decisive factor. The decisive factor may be that Iran’s technological infrastructure was already open to its adversaries from the beginning. The proof that this is a structural problem, not an inevitable fate before Western technology, is that at least one state has already closed every one of those doors: China.
“The decisive factor may be that Iran’s technological infrastructure was already open to its adversaries from the beginning.”
Over the past two decades, Beijing has systematically created a counter-technical architecture. It replaced its surveillance infrastructure with a fully domestic system, built a communications network that does not rely on a single foreign supplier, and established a digital wall that makes foreign intelligence harvesting of data far more difficult. But the Chinese model is not a recipe that can be applied anywhere.
What Beijing built required decades of investment in a domestic technology industry, an industrial base capable of producing everything from cameras to chips, and a governance system that allows the state to exercise total control over digital infrastructure. Most countries in the world do not possess these conditions. This makes the story more urgent and raises an important question: if the only proven solution requires being China, what does that mean for every other country that is not China?
Iran’s Surveillance System
The paradox revealed by the details of Khamenei’s assassination, even within the limits of the Israeli account, is not that Iran was technologically weak. On the contrary, Iran had established one of the most advanced internal surveillance systems in the region. It had a broad network of cameras in Tehran and other major cities, used them effectively to track and arrest protesters, possessed advanced facial recognition capabilities, and controlled telecommunications networks. The problem is that all these tools were built to face inward, while none of them were fortified against an external adversary, as became evident after the events of the war last June.
Take the cameras as an example. A recent investigation by Forbidden Stories revealed that Iranian authorities secretly purchased the Russian facial recognition programme FindFace in 2019. The programme is capable of identifying a face in a crowd from a database of 500 million faces in less than a second. In 2021, the government signed a contract with one company to provide 200 surveillance cameras operating with real-time facial recognition, supported by a database containing “300 million events”. The term “event” here refers to the algorithm that identifies a face. That system was effective for internal purposes, but it was built on hardware exposed to external hacking.
“The Chinese cameras in Tehran did not operate within an isolated network as they do in Beijing, but within infrastructure that was vulnerable to penetration.”
Here, another layer of the paradox emerges. Based on an analysis by the Lowy Institute for International Policy issued last January, Iran built its technical security system by relying on Chinese-made cameras that entered the country through local intermediaries and distributors, feeding city-level surveillance systems. But the issue is not merely the importation of devices. Iran did not establish the domestic system capable of securing this infrastructure against penetration. The Chinese cameras in Tehran did not operate within an isolated network as they do in Beijing, but within infrastructure that was vulnerable to penetration.
This issue is not limited to Israel. Iran itself knows those cameras can be hacked because it does the same thing to surveillance cameras in other countries. A report by Check Point Research, published in March, documented an intensive wave of Iranian attempts to compromise Hikvision and Dahua surveillance cameras in Israel, Cyprus, and other countries in the region. These attempts began in the first hours of the war.
“Tehran uses compromised cameras to assess damage after missile strikes.”
The report linked this activity to an Iranian method that uses hacked cameras to assess damage after missile strikes. During the war last June, researchers observed an Iranian hack of a street camera outside the Weizmann Institute of Science in Israel shortly before it was hit by a ballistic missile. In other words, Iran was using the same vulnerabilities that were used against it. It knew that Hikvision and Dahua surveillance cameras had known weaknesses, such as authentication bypass, remote command execution, and unchanged default passwords. Yet it invested in exploiting these weaknesses on the territory of others without closing them on its own territory.
The same pattern appeared in the communications layer. According to internal documents from an Iranian telecommunications company, published by The Intercept in October 2022, mobile network regulators in Iran had direct access to systems that allowed real-time tracking of user locations, monitoring of metadata, and selective interference in communications. This system was effective in tracking the protest movement that began in September 2022. At the same time, however, it was a centralised system. Any breach of one node would give the attacker broad visibility, which is precisely what the Financial Times account describes.
What can be concluded is that when an adversary with the technical capabilities of Israel and the United States looked at that system from the outside, it did not need extraordinary effort to penetrate it, because the system was already open from the beginning. This leads to the next question: what if a state such as China created the same surveillance system, but manufactured the cameras itself, operated them on its own network, and did not import software from anyone?
Surveillance Cameras
In 2005, China launched a project called Skynet. Its declared aim was simple: to cover major cities with surveillance cameras to fight crime. By 2013, when the government publicly revealed the project’s existence, the network contained more than 20 million cameras. Then, in 2015, the Sharp Eyes project came to extend the network into rural areas and small towns. China’s national planning authority described its aim as a video surveillance system that would be “present everywhere, fully connected, always operating, fully controllable, and covering 100 per cent of public spaces”.
Today, the numbers describe a reality unlike that of any other state. Some recent estimates point to more than 600 million cameras operating in China. But the difference is not only in the number. In Western countries, most surveillance cameras are privately owned. In China, most of them are managed or directly monitored by public security bureaus. The Sharp Eyes project even integrates private cameras, such as those installed outside shops and residential compounds, into the state network.
“More than 600 million cameras are operating in China, most of them monitored by public security bureaus.”
Here lies the fundamental difference with Iran. The issue is not that China has more cameras. The issue is that China manufactures and manages them. Hikvision, Dahua, and Uniview, three Chinese companies, control around 60 per cent of the domestic surveillance market according to the latest 2025 estimates. Hikvision alone is the world’s largest manufacturer of video surveillance equipment and is 42 per cent owned by the Chinese government.
Iran bought Chinese-made cameras that entered through intermediaries, then installed Russian facial recognition software that it had purchased secretly. It did not manufacture any of the components domestically, did not develop any of the algorithms, and did not control the supply chain. But the issue goes beyond ownership alone. After Washington imposed a ban in 2019 on the export of advanced American chips, from companies such as Intel and Nvidia, to Chinese surveillance companies, Hikvision and Dahua responded by shifting their design maps towards domestic chips. As a result, the ban that was intended to weaken the Chinese system helped launch a fully domestic chip ecosystem.
Then there is the network structure itself. Skynet is managed through China’s three state-owned telecommunications companies: China Mobile, China Unicom, and China Telecom. The cameras do not pass through the public internet, but through dedicated government networks. The Sharp Eyes project connects village and town cameras to unified command centres at the county level. In 2025, Chinese police issued rules requiring surveillance system operators to register their systems with local law enforcement agencies. This means that every camera on Chinese territory, whether public or private, has become registered and visible to the state.
“Every camera on Chinese territory, whether public or private, has become registered and visible to the state.”
In the same year, the government launched the National Internet Identity Authentication System, a centralised platform that issues “network numbers” and “network credentials” for every user. This means that every website visited and every message sent passes through one digital file. Facial recognition systems are also supported by technologies developed by the Chinese company Megvii, SenseTime’s analytics, and Yitu’s artificial intelligence capabilities. There is no foreign component in the sensitive layers of the system.
This does not mean that China’s system is immune. The 2022 leak of the Shanghai police database exposed the data of more than one billion citizens and showed that scale itself carries its own fragility. But the relevant difference here is not whether the system is perfect. The difference is that it is fully domestic. When Israel hacked Tehran’s cameras, it exploited vulnerabilities in devices that Iran did not manufacture and whose security updates it did not control.
“Any attempt to cyber-penetrate China means penetrating Chinese devices, through Chinese networks, managed by Chinese state companies, and subject to Chinese cybersecurity laws, which makes the distance between the vulnerability and the target much longer.”
As for the Chinese system, any similar attempt would mean penetrating Chinese devices, through Chinese networks, managed by Chinese state companies, and subject to Chinese cybersecurity laws. Therefore, the distance between the vulnerability and the target is far longer. The paradox is that the same cameras Iran hacks on the territory of others, Hikvision and Dahua, are manufactured by China and exported to the world. China sells the devices to others, but keeps the closed system for itself. Yet cameras are only the first layer. What about the network that carries their signals?
Telecommunications Towers
When Israel disabled telecommunications towers near Pasteur Street in Tehran, it was not penetrating a secret military system. It was manipulating the same commercial network used by Iranian citizens. According to the Israeli account, the protection team of the Supreme Leader communicated through the same infrastructure used by taxi drivers and shop owners. This is not merely a technical vulnerability. It is a clear structural vulnerability. When leadership communications depend on the public commercial network, any adversary capable of manipulating that network can also isolate the leadership at the decisive moment.
In China’s case, the situation is entirely different. Let us begin with the basic facts. Huawei is the world’s largest manufacturer of network equipment, controlling around 31 per cent of the global market by mid-2025. Partially state-owned ZTE controls another 11 per cent. China’s three major telecommunications companies, China Mobile, China Unicom, and China Telecom, are all state-owned and operate entirely on domestic infrastructure. There is no foreign supplier in the core network. The system is Chinese from fibre optics to 5G towers.
“Huawei is the world’s largest manufacturer of network equipment, controlling around 31 per cent of the global market.”
What makes this reality more significant is that the West understands exactly why this matters, because it suffers from the same problem in reverse. In 2019, the US Federal Communications Commission classified Huawei and ZTE as national security threats and banned American internet providers from using federal funds to purchase their equipment. The stated justification was China’s 2014 Counter-Espionage Law and 2017 National Intelligence Law, which require Chinese organisations to cooperate with intelligence agencies. In other words, Washington is saying: we cannot trust that Huawei will not open a backdoor for Beijing.
The paradox here is double-edged. The very features that make Huawei a threat in Washington’s view are the same features that make Chinese telecommunications networks harder to penetrate. The countries spending billions to remove Huawei equipment from their networks are implicitly acknowledging the same principle on which China built its system: whoever manufactures the infrastructure controls it.
The strongest evidence that China understands communications infrastructure as an intelligence weapon does not come from its defensive structure, but from its offensive operations. In 2024, it was revealed that a Chinese hacking group known as Salt Typhoon, affiliated with China’s Ministry of State Security, had penetrated the networks of nine major American telecommunications companies, including Verizon, AT&T, and T-Mobile. The breach targeted more than 80 countries and 600 organisations and had continued since at least 2019 without being detected.
“The features that make Huawei a threat in Washington’s view are the very same features that make Chinese telecommunications networks harder to penetrate.”
What Salt Typhoon stole was not ordinary data. The group penetrated “lawful interception” systems, the systems used by US law enforcement agencies to monitor suspects under court order. In other words, China did not merely spy on calls. It spied on the spying system itself. According to several reports, the targets included the communications of President Donald Trump and his deputy J.D. Vance during the election campaign. The chair of the Senate Intelligence Committee described the breach as “the worst telecom hack in our nation’s history”.
Here, the paradox becomes almost satirical. China penetrated American telecommunications networks through vulnerabilities in outdated Cisco devices, after American telecommunications companies left key access points unsecured with default usernames and passwords. This is exactly the kind of structural weakness that Chinese systems try to avoid, because the network, the company, and the regulator are all under the same state umbrella.
Therefore, what had quietly guided Beijing’s policy for years was the understanding that telecommunications infrastructure is not neutral commercial infrastructure. It is an intelligence arena. Whoever does not manufacture their own equipment is operating on an adversary’s ground. Israel says it disabled Iranian telecommunications towers to isolate Khamenei’s guards at the decisive moment during the attack. Meanwhile, events showed that China had penetrated American telecommunications networks and may have listened to the calls of the American president during his election campaign.
“Telecommunications infrastructure is not neutral commercial infrastructure. It is an intelligence arena. Whoever does not manufacture their own equipment is operating on an adversary’s ground.”
Both operations may prove the same principle: the communications network is the most sensitive layer in the security of any state. The difference between Iran and China is that Iran was on the receiving end of this principle, while China was on the sending end. But cameras and towers transmit data. What about the data itself?
The Firewall
The Financial Times account says Israel used social network analysis to comb through billions of data points, identify unexpected centres of gravity in the decision-making system, and uncover new targets for monitoring and assassination. This type of large-scale algorithmic analysis requires one essential thing: access to data. It requires communications data, geolocation data, social network data, and patterns of digital usage. In Iran, despite internal censorship, the digital environment was exposed enough to feed this kind of digital harvesting. In China, this door is closed in a radically different way.
China’s Great Firewall blocks more than 311,000 domains, based on 2020 estimates, and the number is certainly much higher now. All internet traffic into and out of China passes through a limited number of gateways equipped with deep packet inspection tools that monitor content at the protocol level. There are no Google platforms, Facebook, YouTube, or WhatsApp. Instead, China built a fully parallel digital system made up of WeChat for messaging, payments, and government services, with 1.09 billion active users according to June 2025 statistics, as well as Baidu for search, Alibaba for e-commerce, and others.
“China’s Great Firewall blocks more than 311,000 domains, based on 2020 estimates.”
In Iran, citizens and officials alike use applications whose data passes through foreign servers or can be intercepted beyond the country’s borders. Even with Iranian internet censorship, Telegram remained widely popular until it was partially blocked, and the use of virtual private networks is widespread. Iran’s digital environment has enough holes for any advanced intelligence agency to pull large volumes of data from it. In China, the entire digital system is domestic. Data is produced on Chinese platforms, stored on Chinese servers, and processed by Chinese algorithms. There is no data pipeline passing outside the borders that a foreign agency can easily intercept.
Then came the legal layer to reinforce what was already a practical reality. The 2017 Cybersecurity Law required operators of critical infrastructure to store data produced in China within its borders. Foreign companies operating in China were forced to comply or leave. Apple moved Chinese iCloud data to local servers in partnership with a Chinese company. Microsoft expanded its Azure cloud services through a local partner.
The 2021 Data Security Law went one step further. It classified data according to sensitivity and banned any entity from providing data stored in China to any foreign government agency without Chinese authorities’ approval, regardless of the sensitivity level of the data or where it was originally collected. In the same year, the Personal Information Protection Law restricted the transfer of personal data across borders.
“There is a legal system that makes extracting data from China both illegal and impractical.”
The result was three interlocking laws that make extracting data from China both illegal and impractical. In October 2025, the Cybersecurity Law was amended for the first time since its issuance to include artificial intelligence risks and cross-border cyber threats, while raising fines to 10 million yuan, around USD 1.4 million, for institutions and 1 million yuan, around USD 140,000, for individuals.
The most recent and most revealing development was documented by researchers at Oxford University in a study published last February in the Journal of Cybersecurity. The study examined more than 13,000 Chinese government websites and found that a large number of them completely block access from foreign IP addresses. The researchers called this phenomenon the “Reverse Great Firewall”. The original firewall prevents Chinese citizens from accessing foreign content, while the reverse firewall prevents the outside world from accessing Chinese information. The researchers concluded that this represents a systematic effort to prevent open-source intelligence collection and data mining of government information from abroad.
Consider the difference here. Social network analysis requires access to huge volumes of data from social media platforms, communications records, and mobility patterns. In Iran, this data is distributed across foreign platforms, such as Telegram, which was among the most popular telecommunications networks that can be hacked from the outside, and a digital environment that does not strictly enforce data localisation. In China, the same data exists, but it is locked inside the WeChat, Baidu, and Alibaba ecosystem, on Chinese servers, protected by laws that criminalise its removal, behind a wall that even prevents open access to government websites. The large-scale algorithmic harvesting that Israel practised against Iran runs here into a technical, legal, and architectural wall.
“The Reverse Great Firewall prevents the outside world from accessing Chinese information.”
This does not mean, of course, that foreign intelligence agencies are completely unable to collect data from inside China. The Salt Typhoon operations themselves show that China is capable of penetrating the networks of others, and nothing theoretically prevents the reverse principle. But the structural difference is clear. In Iran’s case, the digital environment was open enough for passive harvesting. In China, any data collection operation requires active penetration of a tightly controlled domestic system, which is far more difficult and easier to detect. Cameras, towers, and data: China closed all three layers through domestic systems. But there is a fourth layer that cannot be closed by technology alone: the human element.
The Agent Network
In the Financial Times account, the final and decisive layer in the chain of targeting Khamenei was human, not technical. The report says Israeli intelligence had electronic-source information confirming that the meeting was taking place and that the officials were on their way. But the Americans had something more decisive: a human source on the ground who confirmed those details.
The human source is what turns electronic information from probability into certainty. Cameras can be monitored, phones can be tracked, and data can be analysed. But when the aim is to launch 30 precision-guided munitions at a location containing the Supreme Leader and top-ranking military commanders, someone is needed to know and confirm those details. This is the layer against which China built its most devastating defences.
“Chinese intelligence dismantled the CIA’s entire human network inside China.”
Between 2010 and 2012, Chinese intelligence dismantled the CIA’s entire human network inside its territory. Initial estimates indicated that 18 to 20 sources were killed or imprisoned, while later estimates from Foreign Policy suggested the number rose to at least 30. One source was executed by firing squad in the courtyard of a government building in front of his colleagues, as a message to others. American officials described the operation as one of the worst intelligence breaches in decades, comparing it to the damage caused by Aldrich Ames and Robert Hanssen on behalf of the Soviet Union.
That comparison refers to Soviet intelligence agencies, and later Russian intelligence, exploiting two of the most prominent spies inside the United States: CIA officer Aldrich Ames, who spied for Moscow from 1985 until his arrest in 1994, and FBI agent Robert Hanssen, who passed secrets to the Soviet Union and then Russia during a period authorities said extended from 1979 to 2001. The two men exposed highly sensitive American intelligence information, including human sources, contributing to one of the most damaging counterintelligence failures in American history.
How did China uncover the CIA network? The reason was twofold, and both parts are directly linked to the Iran story. The first was a covert communications system. The CIA had used an electronic communications system with its sources in China based on disguised websites. The problem was that this system had been imported from the agency’s operations in the Middle East, where the electronic environment was far less dangerous.
This is where the two stories intersect. Sources indicate that the flaw in the covert communications system was first discovered in Iran, which likely shared it with Beijing, as Foreign Policy reported. In other words, part of China’s success in dismantling the CIA network was not independent foresight, but intelligence cooperation with the very same country that was later completely penetrated. Iran helped China close a door it failed to close for itself.
“Iran helped China close the door it failed to close for itself.”
The second part was betrayal from within. In 2018, Jerry Chun Shing Lee, a former CIA officer who had worked in Beijing, was arrested and later admitted conspiring to commit espionage on behalf of China’s Ministry of State Security. Court documents indicate that he received hundreds of thousands of dollars. However, investigators concluded that there was no single cause, but rather the accumulation and convergence of multiple events: a double agent, a flawed communications system, and, in some cases, careless intelligence work.
Then came the second blow. In 2015, Chinese hackers stole the data of 22.1 million current and former US government employees from the Office of Personnel Management. This was not ordinary data. It included security clearance investigations containing mental health history, personal relationships, relatives abroad, financial records, and the fingerprints of 5.6 million people. The CIA began to fear that China would compare lists of US embassy employees with the stolen database. Anyone working in the embassy whose name did not appear in those federal records was most likely an intelligence officer operating under diplomatic cover.
After this double disaster, China did not merely repair the damage. It built a system that makes its recurrence far more difficult. The amended 2023 Counter-Espionage Law expanded the definition of espionage to include “all documents, data, materials, and items related to national security and interests”. The law requires all citizens and organisations to support counter-espionage efforts and report any suspicious activity. The Ministry of State Security launched a channel on WeChat with detailed guidance for citizens on how to report.
By contrast, the CIA has not stopped trying. In May 2025, the agency released its first two Chinese-language videos to recruit sources from within the Communist Party. In February 2026, it released a third video specifically targeting Chinese military officers, taking advantage of a broad purge campaign that removed a senior general. John Ratcliffe, the CIA director, described China as the agency’s “top intelligence priority”. Beijing responded angrily and vowed to take “all necessary measures” to protect its national security.
The final paradox in this layer is that the CIA’s success in planting a human source who confirmed Khamenei’s location proves that Iran did not close this door despite decades of hostility with Washington. China, meanwhile, closed it in a short period and built above it a firm wall of laws, punishments, and public surveillance.
“The question is not whether what happened can be repeated. The question is: what can truly be done to prevent it from happening again?”
Is the Chinese wall immune and impossible to penetrate? No one knows for certain. The American agency says it is making progress in rebuilding its networks. But the fact that it resorted to publishing public videos on YouTube to recruit sources inside the world’s most counterintelligence-intensive state offers an indication of the scale of the difficulty. According to the Financial Times report, one Israeli intelligence official said his colleagues knew Tehran as well as they knew Israeli cities. Yet what the investigation revealed, even within the limits of its biased account, was not a story of supernatural intelligence superiority. It was a story of internal structural failure. Iran was not so much the victim of its enemies’ genius as it was the victim of its fragmented infrastructure.
China looked at this scene before it materialised in its final form and built the opposite. But can the Chinese model be considered a ready-made formula that other countries can import? The direct answer is: most likely, no country can simply replicate the Chinese experience. What happened to Iran was not an inevitable fate, but the result of choices that can be dissected and understood, as explained above. While China proved that those doors can be closed, it also proved that closing them requires an integrated industrial base, decades of massive investment, and a governance system possessed by only a handful of major states.
Somewhere else in the world, a security official has watched the details of the Tehran operation and now understands that what happened to the highest authority in Iran is not exclusive to Iran. He also understands that the only model that has proven capable of preventing such a scenario requires your country to be China. The question is not whether what happened can be repeated. The question is: what can truly be done to prevent it from happening again?
