On 16 April 2025, the U.S. Department of Justice announced the arrest of former Federal Aviation Administration (FAA) contractor Abouzar Rahmati, a naturalized U.S. citizen and resident of Great Falls, Virginia. According to the U.S. Attorney’s Office for the District of Columbia, from 2017 to 2024, Rahmati provided sensitive information to the Iranian government concerning the FAA, U.S. airports, airport air traffic control systems, and solar energy infrastructure. It was later discovered that Rahmati had previously served as an officer in the Iranian Revolutionary Guard and was passing sensitive information to Iran through his brother.
Rahmati is a classic example not only of covert human intelligence operations against the U.S., but also of the growing concern surrounding Insider Threats—an issue that spans beyond military systems and into areas like civil infrastructure. The exposure of this information poses a serious threat to both the transportation and energy sectors.
In the aviation sector, threats continuously evolve due to new technologies, improved tactics for bypassing security systems, and shifts in adversary capabilities. From a threat perspective, the information Rahmati provided will significantly enhance Iran’s ability to conduct vulnerability assessments and, more critically, improve their targeting capabilities against the U.S. civilian aviation sector. Iran possesses significant cyber warfare capabilities and is also a leader in the development of dangerous UAS (drone) systems—both of which could be used to devastating effect against aviation and solar energy infrastructure.
While Iran may lack the conventional military capacity to strike the U.S. directly, it has a well-documented history of supporting unconventional, paramilitary, and terrorist organizations worldwide. Access to detailed information outlining vulnerabilities in the U.S. civilian aviation system poses a grave threat to airports, airlines, and aviation command and control functions.
Imagine a cyberattack capable of shutting down or taking control of air traffic control systems—even for just one hour. Such an incident would not only have major economic repercussions but would also erode public trust in the U.S. civil aviation system. Worse yet, consider a small group of terrorists building explosive-laden drones within the U.S. and launching simultaneous strikes against airports or aircraft. This would result in catastrophic loss of life, extended airport closures, and severe economic damage to the aviation sector. Currently, counter-UAS (C-UAS) systems are rare in U.S. airports, and our C-UAS protocols remain insufficient. The information transferred to Iran highlights just how unprepared we are in this area—and worse, offers insight into Iranian targeting priorities.
The U.S. intelligence community tends to focus on classic strategic targets such as military facilities, national command and control, and energy infrastructure. However, this case reveals a shift in adversary focus toward civil aviation—an emerging threat that demands attention.
Finally, this case should sound alarm bells across U.S. government departments that may not typically view themselves as targets for state-sponsored intelligence collection. Security managers must take a hard look at their insider threat programs, work more closely with CISOs, and proactively vet contractor workforces. As the nature of government and warfare evolves rapidly, now is the time to remain hyper-vigilant to both insider and external collection threats.