Chris Krebs, the director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, issued a statement on June 22 following similar warnings from private American cybersecurity firms.
Krebs, whose recently renamed agency is tasked with protecting American critical infrastructure, said CISA is “aware of a recent rise in malicious cyber activity” against American companies and government agencies by Iranian actors.
CISA specifically warned about “wiper” attacks which, in addition to stealing data, then destroy it as well. It’s not clear who exactly was targeted.
American operators are targeting Iranians as well, Yahoo News reported on Friday. The news was confirmed by the Washington Post and the New York Times. Iranian officials said the attacks were unsuccessful, Americans deemed the attacks “very” effective.
The Americans say they hacked Iranian spies who were allegedly involved in several attacks against oil tankers in the Persian Gulf over recent weeks. The cyberattacks followed a U.S. spy drone being shot down over Iran last week.
Even though President Donald Trump called off a kinetic attack with just minutes to spare last week, there’s little reason to think the overall conflict is over. The U.S. is preparing more hacking plans to target Iran while American businesses are expecting that if tension continues, it’ll be them in the crosshairs.
Cyberwar has fundamentally changed some of the calculus of war. Two decades ago, when the U.S. invaded a pair of countries on the other side of the world, the conflict was largely confined to those countries. Hacking levels the playing field and allows a country like Iran — which would generally not be able to compete with the American military’s traditional superiority — to inflict damage inside the U.S. itself.