On January 4, 2020, the US Department of Homeland Security posted at National Terrorism Advisory System Bulletin, in the wake of the killing of a senior Iranian military leader by a US drone. That DHS advisory states:
The United States designated Iran a “State Sponsor of Terrorism” in 1984 and since then, Iran has actively engaged in or directed an array of violent and deadly acts against the United States and its citizens globally. The United States designated Iran’s Islamic Revolutionary Guard Corps (IRGC) a Foreign Terrorist Organization on April 15, 2019 for its direct involvement in terrorist plotting.
The specific cyber security ramifications noted by DHS from this status are:
- “Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.-based targets.”
- “Iran maintains a robust cyber program and can execute cyber attacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”
(Emphasis added.) Already, it appears pro-Iranian actors have hacked a US government website. A group that calls itself “Iran Cyber Security Group Hackers,” claimed responsibility and said, “This is only small [sic] part of Iran’s cyber ability.”
In light of this threat, increased cyber security vigilance is called for, both at the IT systems level and among system users. In particular, users should be mindful of the risk of phishing attempts and related endpoint concerns.