According to a report from Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA), Iran may target United States with a cyberattack.
In response to the June 20 bombing of Iranian nuclear facilities, Iranian state-sponsored or affiliated threat actors may conduct a range of targeted cyber-attacks, the report said. The report, Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest, said the actors could exploit known vulnerabilities in unpatched or outdated software, compromise internet-connected accounts and devices that use weak passwords or work with ransomware affiliates to steal and or leak sensitive information.
However, the report said, no activity has been noted at the time of the report’s release.
“At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran,” the agencies said in a press release. “However, we are urging critical infrastructure organizations to stay vigilant to Iranian-affiliated cyber actors that may target U.S. devices and networks.”
The agencies said they were monitoring the situation and would be coordinating with government, industry and international partners to share intelligence about any possible actions, as well as provide resources and assistance.
CISA also strongly suggested organizations report any suspicious or criminal activity related to Iranian cyber activity.