The Department of Homeland Security said in a warning issued on Saturday there's been a recent rise in malicious cyber activity directed at U.S. industries and government agencies by Iranian regime actors and proxies.
"Iranian regime actors and proxies are increasingly using destructive 'wiper' attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing."— Christopher Krebbs, Cybersecurity and Infrastructure Security Agency director
Details: Christopher Krebbs, director of the DHS' Cybersecurity and Infrastructure Security Agency, said what might start as an account compromise, where you think you might just lose data, "can quickly become a situation where you’ve lost your whole network."
The big picture: The warning comes after Cybersecurity companies CrowdStrike and FireEye reported increased Iranian cyberattacks against the U.S. government in recent weeks, per AP.
- President Trump approved military strikes "on a handful of Iranian targets" on Thursday but called them off at the last minute, amid heightened tensions that have brought back fears that the U.S. could be on course for war with Iran.
What they're saying: CrowdStrike and FireEye say hackers working for the Iranian government have targeted sectors of the U.S. economy, "including oil and gas," and government agencies with spear-phishing emails.
The bottom line:
"The cyber offensive is the latest chapter in the U.S. and Iran’s ongoing cyber operations targeting the other, with this recent sharp increase in attacks occurring after the Trump administration imposed sanctions on the Iranian petrochemical sector this month."— AP's Tami Abdollah
Go deeper: A timeline of how Trump and Tehran came to the brink of war