The US authorities has warned of a heightened threat of cyber-attacks by Iran state-sponsored menace actors and hacktivist teams following American navy strikes towards Iranian targets over the weekend.
The warning was a part of a Nationwide Terrorism Advisory System Bulletin issued by the US Division of Homeland Safety (DHS) on June 22.
“The continued Iran battle is inflicting a heightened menace atmosphere within the US. Low-level cyber-attacks towards US networks by pro-Iranian hacktivists are possible, and cyber actors affiliated with the Iranian authorities might conduct assaults towards US networks,” the advisory learn.
On June 21, US President Donald Trump introduced to the nation that the US navy had carried out air strikes on Iranian nuclear services, which he described as a “spectacular navy success,” leading to enrichment services being “fully and completely obliterated.”
The strikes got here amid an ongoing battle between Israel and Iran over the Tehran regime’s alleged nuclear ambitions.
The DHS believes that US residents and entities at the moment are at heightened threat of bodily and cyber revenge assaults after the direct US navy engagement within the battle.
“The chance of violent extremists within the Homeland independently mobilizing to violence in response to the battle would possible improve if Iranian management issued a spiritual ruling calling for retaliatory violence towards targets within the Homeland,” the advisory added.
Iran’s Concentrating on of US Infrastructure and Politicians
The DHS advisory famous that each hacktivist and Iranian government-affiliated actors routinely goal poorly secured US networks and Web-connected units for disruptive cyber-attacks.
Western officers have persistently warned in regards to the menace from Iranian cyber actors to crucial infrastructure up to now yr.
In February 2025, the US authorities slammed Iran for “destabilizing and doubtlessly escalatory” cyber-attacks on crucial infrastructure, and issued sanctions towards six senior officers of the Iranian Islamic Revolutionary Guard Corps Cyber-Digital Command (IRGC-CEC) it believes have been behind cyber-attacks on an Israeli producer of programmable logic controllers (PLCs) used within the water sector and different crucial infrastructure organizations.
In October 2024, intelligence and regulation enforcement businesses in Australia, Canada and the US warned about an Iran-backed year-long marketing campaign throughout which hackers used brute power and different strategies to compromise organizations throughout a number of crucial infrastructure sectors.
Within the run as much as the US Presidential election in November 2024, it was revealed that Iranian state-backed menace actors had focused candidates to try to sow discord and entry delicate information.
This included the hack of one in every of Trump’s marketing campaign web sites.
How US Organizations Can Put together for Iranian Cyber-Assaults
John Hultquist, chief analyst, Google Risk Intelligence Group, defined that for the reason that October 7 terror assaults on Israel by Hamas, Iran has primarily targeted its disruptive cyber-attack efforts on Israel.
With the newest US intervention rising the chance of such assaults on US targets, he mentioned it will be significant for particular person organizations to be further vigilant by following greatest observe recommendation.
“Iran has had combined outcomes with disruptive cyber-attacks and so they continuously fabricate and exaggerate their results in an effort to spice up their psychological affect. We needs to be cautious to not overestimate these incidents and inadvertently help the actors. The impacts should still be very critical for particular person enterprises, which might put together by taking lots of the identical steps they might to stop ransomware,” Hultquist famous.
He added: “Iran already targets the US with cyberespionage which they use to immediately and not directly collect geopolitical perception and surveil individuals of curiosity. Individuals and people related to Iran coverage are continuously focused via organizational and private accounts and needs to be looking out for social engineering schemes.
“People are additionally focused not directly by Iranian cyberespionage towards telecoms, airways, hospitality, and different organizations who’ve information that can be utilized to establish and monitor individuals of curiosity.”
