DHS Warns of Iran’s Potential To Retaliate With Cyber Attacks, Terrorist Acts After Soleimani Killing

The department warned in an alert that Iran has a “robust cyber program” and can carry out attacks to temporarily disrupt critical infrastructure.

• By Haley Samsel
• Jan 07, 2020

In the days after Iran’s top military leader, Qassim Suleimani, was killed in an American drone strike, the country’s leadership has promised revenge on the U.S. Now, top government officials anticipate that Iran’s retaliation may take the form of a cyber attack on major computer systems.

Christopher Krebs, the head of the Cybersecurity and Infrastructure Security Agency (CISA) within the Department of Homeland Security, warned on Jan. 2 that the threats to the public go beyond attacks on the federal government.

“Pay close attention to your critical systems,” Krebs wrote on Twitter. “Make sure you’re also watching third party accesses!”

While the department’s acting secretary, Chad Wolf, said in the days after the drone attack that there are no “specific, credible threats” to the U.S., it’s clear that cybersecurity leaders are concerned about the possibility of an Iranian attack. DHS went on to issue an alert of a terrorism threat to the U.S. on Jan. 4, detailing specific aspects of Iran’s capabilities.

The new @DHSgov NTAS Bulletin on the threat landscape was issued to inform & reassure the American public, state/local governments & private partners that DHS is actively monitoring & preparing for any specific, credible threat, should one arise. pic.twitter.com/iNnHU1TI9A

— Acting Secretary Chad Wolf (@DHS_Wolf) January 4, 2020

As of Monday afternoon, no official cyber attack had been reported as coming from an established Iranian government-based hacking group. But the attack “may come with little or no warning,” the DHS warned, particularly after Suleimani’s funeral on Monday.

ZDNet reported that there have been some low-level cyber attacks over the weekend that involved the defacement of about 20 websites, including that of a government site for the Federal Depository Library Program. The attacks did not appear to originate from government-backed hacking groups.

The DHS alert referenced Iran’s efforts in the past to scope out terrorist acts against the U.S., including “scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.-based targets.”

Some critics of the Trump administration fear that DHS is not well prepared to handle a widespread security threat thanks to its increased focus on immigration, a priority of President Trump.

John Cohen, a former acting under security in the DHS who led efforts to counter Iran, said a comprehensive plan must be developed to address the growing threat. He is doubtful that the plan will be developed in concert with local governments.

“There has been real concern that the focus on immigration enforcement and the border wall have degraded our capabilities to address not only the threat posed by domestic terrorists but sophisticated threats like this,” Cohen told The New York Times. “Time will only tell.”