DHS warns of Iranian cybersecurity threats, issues guidance

Iranian cybersecurity threats

The Director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about recent Iranian cybersecurity threats. The statement also included suggested tips and best practices to stay safe online.

Director Christopher C. Krebs of DHS CISA issued the following statement:

“CISA is aware of a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies. We will continue to work with our intelligence community and cybersecurity partners to monitor Iranian cyber activity, share information, and take steps to keep America and our allies safe.

“Iranian regime actors and proxies are increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.

“In times like these it’s important to make sure you’ve shored up your basic defenses, like using multi-factor authentication, and if you suspect an incident – take it seriously and act quickly. You can find other tips and best practices for staying safe online here.”

Cybersecurity tips and best practices

Director Krebs went on to provide tips for shoring up cyber defenses, including using multi-factor authentication. He also said you should “take it seriously and act quickly” if you suspect an incident.

CISA provided a lengthy list of tips and best practices for staying safe online, including:

  • Protections against cybersecurity threats (e.g., phishing, ransomware, malicious code, rootkits, botnets, denial-of-service attacks).
  • Email and communication safeguards (e.g., social networking sites, digital signatures, instant messaging).
  • General security information (e.g., electronic device disposal, keeping kids safe online, securing internet of things, cybersecurity definitions).
  • Mobile devices (e.g., physical security, holiday travel, wireless and USB security).
  • Privacy (e.g., password protections, understanding encryption, privacy protections).
  • Safe browsing (e.g., shopping safely online, Bluetooth technology, certificates, web browser security settings).
  • Software and applications (e.g., Voice over Internet Protocol (VoIP), risks of file sharing technology, OS, patches and software updates).
  • Network defense and enterprise security (e.g., website security, wireless security).

Each of the areas above includes links from the Tips page to more detailed guidelines on that topic.

This warning comes a little more than a week after DHS CISA issued a warning on other similar bad actors taking advantage of weak defenses, like unpatched BlueKeep vulnerabilities.