CISA cautions on Iran threats

by Aleksandar Malivuk shutterstock ID 721814395 

Network and infrastructure operators need to be alert to growing cybersecurity risks in the wake of the targeted killing of Iranian military leader Gen. Qassim Soleimani in a drone strike last week. That's the message from the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security in a Jan. 6 publication aimed at both government and private sector officials.

U.S. officials and cybersecurity experts are concerned that Iranian reprisals for the killing of Soleimani could take the form of attacks on U.S. networks or critical infrastructure.

Hossein Salami, the head of the Revolutionary Guards forces in Iran, threatened a "tough, strong, decisive and finishing" revenge in a speech on Jan. 7. "We say again that we have strong determination and take revenge and if they continue, we will set fire at the place they like and they know where it is," Salami said in remarks translated by Iran's Fars News Service.

The CISA document points out that tensions between U.S. and Iran "have the potential for retaliatory aggression against the U.S. and its global interests." CISA warns that retaliation could take the form of disruptions to networks and cyberattacks that destroy critical infrastructure or interfere with the delivery of energy and communications as well as attacks on financial networks. Other possibilities include kinetic attacks such as bombs or drone attacks.

The document urges officials to "flag any known Iranian indicators of compromise and tactics, techniques, and procedures for immediate response." CISA is also urging network operators to test incident response and contingency plans to make sure employees are familiar with processes and to make sure cybersecurity precautions include basics on account monitoring, identity verification, scanning and patching.

The CISA warning follows a Jan. 4 bulletin from the National Terrorism Advisory System at DHS, which cautioned that "Iran maintains a robust cyber program and can execute cyberattacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States."

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


  • Management
    shutterstock image By enzozo; photo ID: 319763930

    Where does the TMF Board go from here?

    With a $1 billion cash infusion, relaxed repayment guidelines and a surge in proposals from federal agencies, questions have been raised about whether the board overseeing the Technology Modernization Fund has been scaled to cope with its newfound popularity.

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

Stay Connected