The FBI and three other agencies warned on June 30 that critical infrastructure operators should be aware of potential Iranian cyberattacks coming in the wake of U.S. airstrikes on the country’s nuclear program.
“Defense Industrial Base companies, particularly those possessing holdings or relationships with Israeli research and defense firms, are at increased risk,” the agencies stated in the warning, issued by the FBI, the National Security Agency, the Department of Defense Cyber Crime Center, and the Cybersecurity and Infrastructure Security Agency.
In the statement, however, the agencies said they have not seen any indicators to suggest a “coordinated campaign” to target U.S. infrastructure operators traced back to Iran. But the agencies urged those operators “to learn more about the Iranian state-backed cyber threat and actionable mitigations to harden cyber defenses.”
In a separate bulletin, the FBI stated that it has found that over the past several months, “Iranian-aligned hacktivists have increasingly conducted website defacements and leaks of sensitive information exfiltrated from victims.”
Those groups, it said, may increase distributed denial of service (DDOS) attacks against U.S. or Israeli websites in light of the recent airstrikes targeting Iran’s nuclear facilities.
“Iranian-affiliated cyber actors may also conduct ransomware attacks in collaboration with other cybercriminal groups,” the FBI warned.
“These actors have been observed working directly with ransomware affiliates to conduct encryption operations, as well as steal sensitive information from these networks and leaking it online.”
In mid-June, Israel launched surprise attacks against Iran’s nuclear program that also killed top military officials in the country, before Iran responded by firing barrages of missiles at Israel.
The United States then bombed three Iranian nuclear facilities before President Donald Trump announced a cease-fire between Iran and Israel.
While the Trump administration said the U.S. strikes destroyed Iran’s nuclear program, the director of the United Nations’ nuclear body, the International Atomic Energy Agency (IAEA), said over the weekend that Iran may attempt to enrich uranium again within a few months.
Rafael Grossi, head of the IAEA, said on June 29 on CBS’s “Face the Nation” that the three Iranian sites with “capabilities in terms of treatment, conversion and enrichment of uranium have been destroyed to an important degree.”
But, he added, “some is still standing” and that, because capabilities remain, “if they so wish, they will be able to start doing this again.” He said assessing the full damage comes down to Iran allowing inspectors in.
“Frankly speaking, one cannot claim that everything has disappeared, and there is nothing there,” Grossi said.
Some cybersecurity researchers noted that Tehran often uses hacking operations and cyberattacks in an attempt to bolster its own standing, while exaggerating claims of scope and success.
“It’s important that we don’t overhype the threat here and give them the win they’re after,” John Hultquist, chief analyst at Google Threat Intelligence, said in a post on social media platform X on June 21.
He added that he’s more concerned “about cyber espionage against our leaders, and surveillance aided by compromises in travel, hospitality, telecommunications, and other sectors where data could be used to identify and physically track persons of interest.”
The Associated Press contributed to this report.
Friends Read Free
Copy
Facebook
Tweet
