WASHINGTON—Iran has increased its offensive cyberattacks against the U.S. government and critical infrastructure as tensions have grown between the two nations, cybersecurity firms say.
In recent weeks, hackers believed to be working for the Iranian government have targeted U.S. government agencies, as well as sectors of the economy, including oil and gas, sending waves of spear-phishing emails, according to representatives of cybersecurity companies CrowdStrike and FireEye, which regularly track such activity.
#Iran|ian hackers wage cyber campaign amid tensions with UShttps://t.co/qMpPHzr2iG
— The Peninsula (@PeninsulaQatar) June 22, 2019
It was not known if any of the hackers managed to gain access to the targeted networks with the emails, which typically mimic legitimate emails but contain malicious software.
The cyber offensive is the latest chapter in the U.S. and Iran’s ongoing cyber operations targeting the other.
Iranian hackers wage cyber campaign amid tensions with U.S. https://t.co/fng2uIFNFH pic.twitter.com/gz88uencUh
— CBS News (@CBSNews) June 22, 2019
The Department of Homeland Security said in a statement released Saturday, June 22, that its agency tasked with infrastructure security has been aware of a recent rise in malicious cyber activities directed at U.S. government agencies by Iranian regime actors and proxies.
Cybersecurity and Infrastructure Security Agency Director Christopher C. Krebs said the agency has been working with the intelligence community and cybersecurity partners to monitor Iranian cyber activity and ensure the U.S. and its allies are safe.
“What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network,” Krebs said.
The National Security Agency would not address discuss Iranian cyber actions specifically, but said in a statement to The Associated Press on Friday that “there have been serious issues with malicious Iranian cyber actions in the past.”
“In these times of heightened tensions, it is appropriate for everyone to be alert to signs of Iranian aggression in cyberspace and ensure appropriate defenses are in place,” the NSA said.
In 2016, the U.S. indicted Iranian hackers for a series of punishing cyberattacks on U.S. banks and a small dam outside of New York City.
By Tami Abdollah