DHS Warns of Retaliatory Cyberattacks Because of the U.S. Drone Strike

The U.S. Department of Homeland Security released a warning regarding retaliatory cyberattacks after the military action in Iraq killed Iran’s leading general, Major General Qasem Soleimani.

The U.S. Department of Defense issued a statement that General Soleimani was definitely setting up plans to attack American diplomats and service members located in Iraq and all over the region. President Trump mentioned in a tweet after the attack that America’s action the night before was intended to prevent a war and that it was not to begin a warfare.

Iran condemned the attack and its top leader, Ayatollah Ali Khamenei, said they will make a “forceful revenge” on America. The U.S. State Department has instructed all Americans staying in Iraq to get out of the country for their safety. On Sunday, Iraqi MPs decided to get rid of all US troops from the land.

There are fears that Iran will have reprisal attacks, which will happen in cyberspace instead of on the ground. US corporations, government institutions, and critical infrastructure may be targeted. Iran might have rather limited military power, nonetheless Iran’s highly capable of doing detrimental cyberattacks.

Threat actors with an association to the Iranian government have long been executing cyberattacks in the U.S., nonetheless, the nature of the attacks could well differ. Iran has been making an array of offensive cyber instruments and has performed detrimental cyberattacks in past times. Remarkably, threat actors connected to Iran employed the wiper malware Shamoon to infiltrate the Saudi Arabian oil giant Aramco in 2012. It is believed that they have developed other wiper malware variants that could be deployed against targets in America. Iran was likewise linked to the SamSam ransomware attacks, such as the incident on the City of Atlanta.

The DHS acting secretary, Chad Wolf, stated that no specific, credible threats against America have been recognized to date. The DHS will remain to keep track of the issue and will be working together with local, state, and federal partners to be sure of the security of all people in America.

It’s not known if or when to expect attacks, however local, state, and federal heads have been told to take on the needed safety measures. Director of the DHS’ Cybersecurity and Infrastructure Security Agency, Chris Krebs, stated that it is time to know about Iranian [Tactics, Techniques, and Procedures] and pay close attention to your systems, specifically ICS. Be sure to watch third party accesses as well.

Krebs additionally referenced a previous warning that he issued in June that CISA knows a recent increase in malicious cyber activities focused on United States companies and government organizations by Iranian regime actors and proxies. The intelligence community and cybersecurity partners are keeping track of Iranian cyber activity, sharing information, and taking steps to maintain the safety of America and its allies.