U.S. agencies have urged critical infrastructure asset owners and operators and at-risk organizations to enhance their defenses against potential cyberattacks from Iranian cyber actors, particularly those affiliated with the Iranian Islamic Revolutionary Guard Corps.
In a joint cybersecurity information sheet, or CSI, released Wednesday, the National Security Agency, the Cybersecurity and Infrastructure Security Agency, the FBI and the Department of Defense Cyber Crime Center said hacktivists and Iranian government-affiliated actors may target poorly secured U.S. devices and networks using outdated software and default or common passwords for disruptive cyberattacks. Iranian state-sponsored or affiliated threat actors are expected to launch more distributed denial of service campaigns and conduct ransomware attacks despite a declared ceasefire and ongoing negotiations, the authoring agencies added.
Table of Contents
Why Is There Tension Between Iran and the USA?
U.S. President Donald Trump announced on June 23 that Israel and Iran agreed to a ceasefire, following U.S. airstrikes on Iranian nuclear facilities, CBS News reported. On the same day that the ceasefire was announced, Iran fired missiles at a U.S. base in Qatar in response to American strikes.
Recently, Trump indicated diplomatic talks with Iran could restart as early as this week; however, Iranian Foreign Minister Abbas Araghchi suggested that more time is needed, noting that Iran will have to ensure first that the United States will not perform similar attacks when the negotiations resume.
Responding to Potential Cyberattacks
The CSI provides organizations with information about the cyber actors’ commonly used techniques and examples of their previous cyber campaigns. The organizations, particularly critical infrastructure asset owners and operators, are advised to review the guidance to assess their cybersecurity weaknesses and update incident response plans, and implement recommended mitigations to harden their cyber defenses against malicious actors.
