“It was very carefully designed and showed the degree to which they understood which of our staff was working on Iran issues now that the nuclear deal is done,” said one senior American official who oversees much of that operation and who requested anonymity to discuss a continuing investigation. “It was subtle.”

Iran’s cyberskills are not yet equal to those of Russia or China. But the attack against the State Department by using the social media accounts of young government employees to gain access to their friends across the administration — a focus that had not been seen before — showed an ingenuity beyond the Russian brute-force attack that infiltrated the State Department’s unclassified email system a year ago.

In the aftermath of the nuclear accord, American intelligence officials have warned senior officials that they expect Iran to ramp up its use of cyberespionage.

The director of national intelligence, James R. Clapper Jr., has told Congress in closed sessions that he believes state-sponsored Iranian hackers are not attempting big attacks that could threaten their ability to reap the financial rewards of complying with the nuclear accord, according to two officials familiar with those briefings. But he said they were stepping up traditional cyberespionage, and getting better at it.

“The Iranians have not been as destructive as they could be, but they are getting far more aggressive in cyberespionage, which they know is less likely to prompt a response from the United States,” said James Lewis, who runs the cyberprogram at the Center for Strategic and International Studies in Washington. “They seem very attuned to every stage of implementing the nuclear agreement.”