CISA cautions on Iran threats

by Aleksandar Malivuk shutterstock ID 721814395 

Network and infrastructure operators need to be alert to growing cybersecurity risks in the wake of the targeted killing of Iranian military leader Gen. Qassim Soleimani in a drone strike last week. That's the message from the Cybersecurity and Infrastructure Security Agency at the Department of Homeland Security in a Jan. 6 publication aimed at both government and private sector officials.

U.S. officials and cybersecurity experts are concerned that Iranian reprisals for the killing of Soleimani could take the form of attacks on U.S. networks or critical infrastructure.

Hossein Salami, the head of the Revolutionary Guards forces in Iran, threatened a "tough, strong, decisive and finishing" revenge in a speech on Jan. 7. "We say again that we have strong determination and take revenge and if they continue, we will set fire at the place they like and they know where it is," Salami said in remarks translated by Iran's Fars News Service.

The CISA document points out that tensions between U.S. and Iran "have the potential for retaliatory aggression against the U.S. and its global interests." CISA warns that retaliation could take the form of disruptions to networks and cyberattacks that destroy critical infrastructure or interfere with the delivery of energy and communications as well as attacks on financial networks. Other possibilities include kinetic attacks such as bombs or drone attacks.

The document urges officials to "flag any known Iranian indicators of compromise and tactics, techniques, and procedures for immediate response." CISA is also urging network operators to test incident response and contingency plans to make sure employees are familiar with processes and to make sure cybersecurity precautions include basics on account monitoring, identity verification, scanning and patching.

The CISA warning follows a Jan. 4 bulletin from the National Terrorism Advisory System at DHS, which cautioned that "Iran maintains a robust cyber program and can execute cyberattacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States."

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


  • Veterans Affairs
    Blue Signage and logo of the U.S. Department of Veterans Affairs

    VA health record go-live pushed back to July

    The Department of Veterans Affairs is delaying a planned initial deployment of its $16 billion electronic health record project by four months, but is promising added functionality at the go-live date.

  • Workforce
    The Pentagon (Photo by Ivan Cholakov / Shutterstock)

    Esper says he didn't seek the authority to gut DOD unions

    Defense Secretary Mark Esper told lawmakers he was waiting for a staff analysis of a recent presidential memo before deciding whether to leverage new authority.

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.