The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the public that Iran poses a cyber terrorism threat to the United States following the death of Iranian Quds Force commander Gen. Qassem Soleimani.
The bulletin explains that Iran’s previous plots against the U.S. were in the form of, “among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.-based targets,” including critical infrastructure. DHS stated that “Iran maintains a robust cyber program and can execute cyber-attacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”
In addition, it is widely predicted that Iran will redouble its efforts to hit the financial sector in the U.S., prompting the New York Department of Financial Services to issue a warning to the financial services industry earlier this week. It is also predicted that Iran may use the timing of Microsoft’s termination of support of older Windows products on January 14, 2020, to its advantage in its cyber terrorism plans against U.S. companies [view related post].
Finally, cybersecurity experts are warning U.S. companies that Iran has repeatedly targeted employees in U.S. companies with phishing attacks and fake social media requests in order to gain access to company systems and data. Companies are urged to warn their employees about being particularly vigilant about a possible increase in phishing campaigns through email requests following this incident and the escalation of tensions with Iran. Another high risk is Iranian-based and nation state hackers posing as recruiters on social media and professional social media sites, enticing employees to connect with them on social media, then obtaining personal information from the potential recruits.
Cybersecurity hygiene is always important, but because of the heightened tension with Iran, companies should think about hardening their security, warning their employees about being extra vigilant and combatting stepped-up efforts on the part of Iranian-backed hackers. We all need to be on high alert for a cyber-attack from Iran.