US authorities are on heightened alert for cyberattacks amid fears Tehran may target government institutions and businesses to avenge the killing of top Iranain commander Qasem Soleimani.
Iran vowed retaliation over the assasiation of Soleimani, who was killed in a US drone strike in Baghdad last week.
The US Department of Homeland Security urged vigilance on Monday, warning that Iran-linked hackers have improved their offensive capacities in recent years.
According to DHS’s Cybersecurity and Infrastructure Security Agency, potential attacks could involve destructive wiper malware and possibly cyber-enabled kinetic attacks.
The agency said Iran has a history of resorting to retaliatory cyberattacks. It offered examples of previously used techniques as insight into what to expect.
Several cybersecurity vendors including Crowdstrike and Recorded Future echoed concerns expressed by Homeland Security, adding that the likely targets are government institutions, the oil and gas industry and the financial sector.
Organizations in those sectors are being advised to keep track of their credential dumping and file obfuscation to prevent data leaks. Homeland Security also recommended deleting all inactive accounts, disabling unnecessary ports and protocols as well as tightening email and network traffic.