Although there’s “no specific, credible threat” of an Iranian cyberattack on the U.S., officials with the Department of Homeland Security (DHS) released a bulletin this week through its National Terrorism Advisory System warning of its potential.
The bulletin warns of Iran’s ability to carry out cyberattacks with “disruptive effects” against critical U.S. infrastructure in response to the recent U.S. airstrike that killed Iranian Quds Force commander Gen. Qassem Soleimani last week. [related]
In the bulletin, sent in the wake of the U.S. airstrike that killed, DHS noted that while there is currently “no information indicating a specific, credible threat to the Homeland,” Iran does have the ability to attack the U.S. in cyberspace, according to The Hill.
“Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.- based targets,” DHS wrote in the bulletin.
The agency noted that “Iran maintains a robust cyber program and can execute cyber attacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”
All of this serves as a warning to those in the AV integration world to ensure the networked devices they’re installing are secure.
Acting DHS Secretary Chad Wolf tweeted Saturday that the bulletin was intended to “inform & reassure the American public, state/local governments & private partners that DHS is actively monitoring & preparing for any specific, credible threat, should one arise.”
The bulletin, which also warned of the potential for Iran to attempt to carry out terrorist attacks on the U.S., recommended that Americans implement basic measures to defend against cyberattacks, such as backing up data and using two-factor authentication on sensitive accounts.
DHS wrote that while an “attack in the homeland may come with little or no warning,” DHS is working with state and local officials to “detect and defend” against any threats to the U.S.
How Iran Became a Cyber Threat
The Intelligence Community has made note of Iran’s increasing abilities to carry out cyberattacks against the U.S. for most of the past decade, with Iran considered one of the top nation-state cyber threats to the U.S. in cyberspace alongside Russia, China and North Korea.
In the most recent Worldwide Threat Assessment, published in early 2019, former Director of National Intelligence Dan Coats wrote that “Iran has been preparing for cyber attacks against the United States and our allies,” noting that the country “is capable of causing localized, temporary disruptive effects—such as disrupting a large company’s corporate networks for days to weeks.”
Cybersecurity group CrowdStrike put out a statement on Monday warning that American industries such as oil and gas and electricity “could be likely targets” of a retaliatory Iranian cyberattack, according to the report.
“CrowdStrike Intelligence believes that Iranian adversaries are likely to leverage a broad range of means, including cyber operations, against U.S. and allied interests,” the company said.
“Our current assessment is that organizations in the financial, defense, government, and oil and gas sectors are the most likely targets for retaliation activity.”
