Iranian computer hackers are ramping up attacks against U.S. targets, a top Department of Homeland Security official said Saturday.
Christopher C. Krebs, the head of the DHS Cybersecurity and Infrastructure Security Agency, or CISA, issued a statement confirming recent reporting about Iranian hackers increasingly setting their sight on the U.S. as tensions flare between countries.
“CISA is aware of a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies,” said Mr. Krebs.
“We will continue to work with our intelligence community and cybersecurity partners to monitor Iranian cyber activity share information, and take steps to keep America and our allies safe,” he said.
Iranian hackers are increasingly using “wiper” attacks to erase data stored on infected computers as opposed to just stealing it, Mr. Krebs added.
“These efforts are often enabled through common tactics like spear phishing, password spraying and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network,” he warned.
Individuals should defend themselves by exercising cybersecurity best practices and alert authorities of any suspected compromises, he said.
Iran took credit Thursday for shooting down a U.S. drone that the Pentagon has asserted was in international airspace. President Trump said afterward that he considered launching a retaliatory military strike and will increase sanctions on Iran next week.
CrowdStrike and FireEye, two private U.S. cybersecurity firms, both said Friday that they have witnessed an uptick in malicious activity in recent weeks traced to suspected Iranian government hackers.