Flag of Iran on a computer binary codes falling from the top and fading away. (Getty images)
WASHINGTON — With a tenuous ceasefire holding in the wake of US and Israel airstrikes on Iran, the Departments of Defense and Homeland Security have both issued stern reminders of the Iranian cyber threat, especially to US defense contractors.
Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA), in conjunction with the NSA and the Department of Defense Cyber Crime Center (DC3), today specifically warned US defense contractors working in Israel that they may find themselves the target of Iranian cyber attacks.
“This joint fact sheet details the need for increased vigilance for potential cyber activity against U.S. critical infrastructure by Iranian state-sponsored or affiliated threat actors,” the DHS-NSA-DC3 statement said. “Defense Industrial Base companies, particularly those possessing holdings or relationships with Israeli research and defense firms, are at increased risk.”
The DHS statement did not give further detail to defense contractors about the threat, but in a statement to Breaking Defense, Katie Arrington, a tech industry veteran currently performing the duties of Pentagon CIO, in a statement to Breaking Defense, expanded on the topic.
RELATED: Nearly one in 10 ‘Tier 1’ subcontractors to defense primes are Chinese firms: Report
“We recognize this is a time of heightened risk to the Department and our critical partners in the Defense Industrial Base,” said Arrington. “We don’t fight alone and our adversaries know it. DoD encourages the DIB to raise their cybersecurity posture to ensure uninterrupted operations and the security of critical data,” Arrington said, referring to a recent Pentagon LinkedIn post for detailed guidance.
Streamlining federal operations: achieving mission success with unified network observability
Consolidate network monitoring, performance management, and fault isolation into a single, comprehensive solution.
While Iranian hackers are less infamously skillful than Russian or Chinese ones, they have a long history of politically motivated digital vandalism against businesses, governments, and even Boston Children’s Hospital.
Neither Arrington nor the DHS statement cited specific intelligence or warned of an imminent attack, and experts say that Tehran has kept things quiet on the digital front, at least so far. The fact both DoD and DHS felt it timely to nudge corporate America to keep its digital guard up is still notable, albeit unsurprising.
Asked last week whether Iran could look to launch cyber attacks against US firms, Luke McNamara, deputy chief analysts with the Google Threat Intelligence Group, said, “The defense and aerospace sector has been a consistent target for Iranian cyber espionage actors. Cessation of hostilities is unlikely to diminish the espionage threat that western defense companies —including the European DIB — face.”
Added McNamara, “Beyond espionage, cyber is of course a tool that can be leveraged across a continuum of escalation, depending on the nature of the targets and the level of any disruption … We also should be prepared for messaging by actors in an attempt to inflate their successes. The cyber impact may be minimal, but stoking fear can also be an objective.”
Carley Welch contributed to this report.
Breaking Defense Video
