Could Iran launch a cyber attack? What to know.


Federal officials and cybersecurity experts warn of increased risk for cyber attacks amid growing tensions between the U.S. and Iran.

While there are no specific credible threats against the homeland, the Department of Homeland Security on June 22 warned of low-level cyber attacks amid a “heightened threat environment.” Experts told USA TODAY public infrastructure and the private sector could be potential targets, although large-scale cyber attacks are unlikely.

“Cyber attacks are pretty much standard fare in today’s world of conflicts,” said Anton Dahbura, executive director of the Johns Hopkins University Information Security Institute. “So cyber attacks are definitely on the menu of options.”

What retaliation from Iran could look like

The cyber attack warnings come after President Donald Trump on June 21 ordered airstrikes on three Iranian nuclear facilities. Iran officials have warned of retaliation after the airstrikes, with Iranian Foreign Minister Abbas Araqchi saying his country would consider all possible responses.  

The first came on June 23, when Iran targeted a U.S. military base in Qatar. 

“We’ll have to see” whether that response will be considered sufficient, according to Scott White, an associate professor and director of the cybersecurity program and cyber academy at George Washington University in Washington, D.C. 

If there is more to come, cyber attacks are one possible avenue for retaliation.

Iran has proved willing to target countries with stronger cyber capabilities than itself, according to a 2024 threat assessment from the Office of the Director of National Intelligence. The country has already launched cyber attacks against Israel, with a U.S.-based cybersecurity firm finding a 700% spike in cyber attacks after Israel launched a missile strike targeting Tehran’s nuclear program earlier this month.

“Iran has a lot of people and organizations – both official organizations and proxy groups – that are dedicated to discovering cyber vulnerabilities and conducting cyber attacks,” Dahbura said.

It wouldn’t be the first time the U.S. has faced such a threat. 

In 2016, seven Iranians with ties to the government and the Islamic Revolutionary Guard Corps were indicted for a series of cyber crimes conducted between 2011 and 2013, including attacks that prevented bank customers from logging into their accounts. One of the defendants also allegedly obtained operational information on a New York dam but was unable to control the system.  

Whether Iran is still in U.S. critical infrastructure systems is a harder question to answer, according to Jamil Jaffer, the founder and executive director of the National Security Institute at George Mason University and former associate counsel to President George W. Bush.

“We don’t have clear information from the U.S. government about where Iran is today on that, but the fact that they were trying earlier and were successfully able to get into some places is a sign that there are vulnerabilities they could exploit,” he said.

How big of a threat is this to Americans?

The threat of disruptive cyber attacks has increased, but it’s important to recognize that Iran has had “mixed results” with disruptive cyber attacks, according to a statement from John Hultquist, Google Threat Intelligence Group’s chief analyst.  

“They frequently fabricate and exaggerate their effects in an effort to boost their psychological impact,” Hultquist said. “We should be careful not to overestimate these incidents and inadvertently assist the actors.” 

In 2019, during testimony before Congress, former Director of National Intelligence Daniel Coats said Iran was attempting to deploy cyber attacks that would enable attacks against critical infrastructure in the U.S. and allied countries, and was capable of “localized, temporary disruptive effects.”

In other words, as of 2019, Iran didn’t have the ability to pull off nationwide or large-scale, disruptive attacks, according to Jaffer.

“But could they do something that has significant effects? It’s certainly possible,” he said. “So then they have to calculate, if we do this, what is the U.S. response going to look like?”

White said Americans should be cognizant of potential attacks, and those who work in sectors like energy, health care or banking should be aware that their company may be targeted.

The Food and Agriculture Information Sharing and Analysis Center and the IT Information Sharing and Analysis Center earlier this month encouraged companies to prepare for the likelihood of increased cyber attacks, noting that state-sponsored actors, hacktivist groups and cybercriminals have previously launched attacks against U.S. organizations during periods of heightened conflict.

But experts told USA TODAY that everyday cyber criminals are likely the bigger concern for most Americans. 

“Iran is not as much of a threat as the guys that are trying to get money out of people’s bank accounts,” Dahbura said. “That’s what people should be worried about, realistically.” 

How can consumers protect themselves from a cyber attack?

“Iran has always been a major threat to critical infrastructure in this country,” said Scott Augenbaum, a retired FBI agent, cybercrime prevention trainer and author of The Secret to Cybersecurity.

The U.S. government works closely with all sectors to keep them informed, Augenbaum told USA TODAY, but cybercriminals often also go after the end users, or consumers.

All cyber threat actors are going to step up “because they love chaos and so many of us are in a state of worry right now,” Augenbaum said.

On Friday, 16 billion usernames and passwords were also found on the dark web, which gives cybercriminals more information, he said.

Additionally, “hacktivists” who are aligned with one side or the other also often get very active during times of heightened conflict, said Vahid Behzadan, an associate professor of cybersecurity and networks, data and computer science and electrical computer engineering at the University of New Haven in West Haven, Connecticut.

Those attacks can range from denial of service attacks to targeted phishing attacks, Behzadan said.

While individuals may think they are just going about their lives, Behzadan said, anyone can be targeted.

“Your device on its own can be exploited or leveraged” in an attack, he said.

While there may be worries that a cyber attack could affect access to banks or financial institutions, Behzadan said there are often protections in place should a bank account be compromised.

Augenbaum said all consumers should make sure they are digitally protected.

Here are five things to protect yourself:

  1. Freeze your credit. With so many leaked usernames and passwords on the dark web, Augenbaum said people should freeze their credit with all three credit bureau agencies. A credit freeze prevents new credit from being opened unless the credit freeze is lifted or thawed.
  2. Be careful of fake emails or texts. “You’re not going to get an email from an Iranian threat actor saying ‘click on this link,’ ” said Augenbaum. “It might look like it’s coming from Social Security. It might look like it’s coming from the IRS. It might look like it’s coming from your bank or credit card and they want you to click on a link that could infect your computer with malware and steal usernames and passwords.”
  3. Be wary of telephone calls that appear to be from an authority figure. Often, the cyber criminal will try to tell you that you’ve done something wrong and will be arrested. Make sure the real number for your bank or financial institution is in your phone and if you see any suspicious activity or get an unsolicited email, text or call, phone the number you have.
  4. Be vigilant with your social media accounts. Hackers may try to take over your social media accounts or get you to click on malicious links.
  5. Use a password manager program. Don’t use the same password for multiple accounts. Use a password manager, which can help you keep track of your passwords safely.
  6. Use two-factor authentication. Asking for a second type of approval, like a text message or an authenticator app, offers more protection to accounts.

Additionally, Behzadan suggests making sure your operating system software is up to date, backing up important data in the event cloud storage sites are attacked and also making sure any smart devices on your home network have updated software.

