The U.S. Department of Homeland Security (DHS) has issued a bulletin alerting American organizations to a heightened risk of cyberattacks from Iranian-backed hackers, amid escalating tensions related to recent military engagements between the United States, Israel, and Iran.
According to the latest National Terrorism Advisory System update, DHS anticipates a wave of “low-level” cyber operations targeting networks in the United States. The agency warned that hacktivists backed by Iranian government interests routinely exploit poorly secured infrastructure and internet-connected devices to cause disruption.
This announcement closely follows recent U.S. and Israeli airstrikes aimed at disrupting Iran’s nuclear facilities. These airstrikes coincided with substantial cyberattacks believed to be carried out by Predatory Sparrow, a pro-Israel hacking group. That group recently took responsibility for significant disruptions, including a targeted strike against one of Iran’s leading banks and a destructive attack resulting in the loss of millions of dollars in cryptocurrency stored on Iran’s largest crypto exchange.
In response to these escalating cyber threats, Iran’s government earlier confirmed it had temporarily shut down the country’s internet infrastructure, citing a preventative measure against further cyber intrusions.
Iranian state-backed hacker groups have a history of sophisticated cyber espionage operations. They have previously orchestrated hacking efforts against high-ranking U.S. politicians, government agencies, and major corporations. Many of their successful breaches involved exploiting known software vulnerabilities and utilizing compromised credentials to infiltrate networks and steal sensitive information.
