Infrastructure leaders and federal authorities remain vigilant against potential cyber-attacks originating from Iran.
The Cybersecurity and Infrastructure Security Agency (CISA) has announced that there are currently no specific credible threats against the homeland. This comes after a history of attacks against poorly configured water utilities and other systems by Iran-linked actors.
The warning was issued due to the aforementioned history, with Scott Reif, chief communications officer at New York State's Office of Information Technology Services, also stating that there are no known credible threats to New Yorkers at this time.
As of Tuesday, CISA has not observed any significant cyberattacks related to the Iran conflict. An apparent truce announced by President Donald Trump on Monday has lowered international tensions, but officials remain on guard for any potential threat activity.
However, the U.S. Department of Homeland Security (DHS) has warned that hacktivist groups and Iran-linked actors could potentially conduct cyberattacks targeting critical U.S. infrastructure operators. The exact groups referenced by DHS in this latest warning were not identified in the provided sources.
Researchers at Radware have observed a large increase in claimed distributed denial-of-service (DDoS) activity targeting U.S. critical infrastructure, including finance, government, and military-linked manufacturing. Israeli cyber firm Check Point Software reported that pro-Iran hacktivists were claiming responsibility for DDoS attacks on U.S. targets.
Despite these reports, the Information Technology Information Sharing and Analysis Center and the Food and Agriculture Information Sharing and Analysis Center have not seen any confirmed attacks against either sector in connection with the Iran threat.
DHS Secretary Kristi Noem spoke to state governors and local officials about the potential threats on Sunday. New York is operating at heightened awareness, including protections against tactics, techniques, and procedures that have previously been used by Iran and their allies.
The Cybersecurity and Infrastructure Security Agency (CISA) is actively coordinating with government, industry, and international partners to share actionable intelligence and strengthen collective defense. Security teams are closely coordinating to monitor for suspicious activity related to the Iran conflict.
A report from internet monitoring firm Censys on Monday stated that Iran has been in a near-total internet blackout since June 18. This could potentially limit the ability of Iran-linked actors to launch cyberattacks, but it does not guarantee that such attacks will not occur.
In conclusion, while there are no specific credible threats against the U.S. homeland as of now, vigilance remains high. The CISA, DHS, and other agencies are working diligently to monitor the situation and protect critical infrastructure from potential cyber threats.
