February 28, 2020

February 28, 2020

Subscribe to Latest Legal News and Analysis

February 27, 2020

Subscribe to Latest Legal News and Analysis

February 26, 2020

Subscribe to Latest Legal News and Analysis

Department of Homeland Security Warns of Cyber-attacks by Iran

The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the public that Iran poses a cyber terrorism threat to the United States following the death of Iranian Quds Force commander Gen. Qassem Soleimani.

The bulletin explains that Iran’s previous plots against the U.S. were in the form of, “among other things, scouting and planning against infrastructure targets and cyber-enabled attacks against a range of U.S.-based targets” including critical infrastructure. DHS stated that “Iran maintains a robust cyber program and can execute cyberattacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”

In addition, it is widely predicted that Iran will double up its efforts to hit the financial sector in the U.S. prompting the New York Department of Financial Services to issue a warning to the financial services industry earlier this week and that Iran may use the timing of Microsoft’s termination of support of older Windows products on January 14, 2020, to its advantage in its cyber terrorism plans against U.S. companies.

Finally, cybersecurity experts are warning U.S. companies that Iran has repeatedly in the past targeted employees in U.S. companies with phishing attacks and fake social media requests in order to gain access to company systems and data. Companies are urged to warn their employees about being particularly vigilant following this incident and the escalation of relations with Iran about an increase in phishing campaigns through email requests. Another high risk is Iranian-based and nation-state hackers posing as recruiters through social media and professional social media sites enticing employees to connect with them on social media, then obtaining personal information from the potential recruits.

Cybersecurity hygiene is always important, but because of the escalated tension with Iran, companies should think about hardening their security and warning their employees about being super vigilant and combating stepped up efforts on the part of Iranian backed hackers. We all need to be on high alert for a cyber-attack from Iran.

Copyright © 2020 Robinson & Cole LLP. All rights reserved.


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...