Connect with us

Hi, what are you looking for?



DHS Warns of Possible Iranian Cyberattacks After Killing of Qassem Soleimani

DHS warns of Iranian cyber threats

The U.S. Department of Homeland Security has issued warnings about the possibility of cyberattacks launched by Iran in response to the United States killing Qassem Soleimani, a top Iranian military commander.

DHS warns of Iranian cyber threats

The U.S. Department of Homeland Security has issued warnings about the possibility of cyberattacks launched by Iran in response to the United States killing Qassem Soleimani, a top Iranian military commander.

Soleimani was killed last week in Iraq as a result of a U.S. airstrike. While many — including U.S. officials — have criticized the decision to kill the leader of the Iranian Revolutionary Guards’ Quds Force unit, Washington justified its actions by claiming that Soleimani had been planning an imminent attack on U.S. interests in the Middle East.

Tensions have escalated and Iran has vowed revenge. In addition to military strikes and other actions Iran could take in the real world, many experts believe Iran will also launch cyberattacks in response to the killing of the general.

As a result, the DHS has advised organizations to be prepared for potential cyberattacks launched by Iran. Christopher Krebs, the director of the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), has pointed to a statement issued by the agency last summer regarding Iranian cybersecurity threats.

Krebs said, “Time to brush up on Iranian TTPs and pay close attention to your critical systems, particularly ICS. Make sure you’re also watching third party accesses!”

In addition to Krebs’ warning, the DHS on Saturday issued a new National Terrorism Advisory System bulletin. These “Bulletins” describe current developments or general trends regarding terrorism threats, unlike “Elevated Alert” or “Imminent Alert” advisories, which describe credible threats or specific and impending threats agasint the U.S., respectively.

While the DHS does not have information indicating a specific threat, it has warned that Iran has the capability to conduct operations in the United States.

“Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.-based targets,” the bulletin reads.

Advertisement. Scroll to continue reading.

It adds, “Iran maintains a robust cyber program and canexecute cyberattacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”

A group of hackers claiming to be from Iran defaced the website of the U.S. Federal Depository Library Program ( over the weekend, apparently in response to Soleimani’s death. However, the attack did not appear too sophisticated — some reported that the website is powered by Joomla and the attackers likely exploited a vulnerability in one of its components.

Related: Iran May Respond With Cyberattacks to Killing of Qassem Soleimani

Related: Iranian Cyberattacks Feared After Killing of Top General

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...


Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...