WASHINGTON -- The U.S. Department of Homeland Security (DHS) has issued a National Terrorism Advisory bulletin warning of a potential cyberattack by Iran in the wake of a U.S. drone attack that killed a senior Iranian military commander.
"Iran maintains a robust cyberprogram and can execute cyberattacks against the United States," reads the bulletin, dated January 4.
The United States is bracing for possible retaliatory measures from Tehran following the January 3 attack on an Iran-backed militia convoy in Iraq that killed Qasem Soleimani, who was commander of Iran’s Quds Force, the foreign arm of the Islamic Revolutionary Guards Corps (IRGC).
The Quds Force has been designated a foreign terrorist organization by the United States.
The DHS bulletin noted that U.S. forces had “carried out a lethal strike in Iraq killing Iranian IRGC-Quds Force commander Qasem Soleimani while Soleimani was in Iraq.”
“Iranian leadership and several affiliated violent extremist organizations publicly stated they intend to retaliate against the United States,” it added, saying that it had no information indicating a "specific, credible threat.”
But it said that “previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyberenabled attacks against a range of U.S.- based targets.”
It added that Tehran maintains a “robust cyberprogram and can execute cyberattacks against the United States.”
“Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.
“Iran likely views terrorist activities as an option to deter or retaliate against its perceived adversaries,” the bulletin said.
Hours later, a group claiming to be hackers from Iran breached the website of a U.S. government agency and posted messages vowing revenge for the killing of Soleimani.
The website of the Federal Depository Library Program was replaced with a page headlined with "Iranian Hackers!" displaying images of Iran's supreme leader, Ayatollah Ali Khamenei, along with the Iranian flag.
The U.S. government did not immediately comment on the apparent hack.
Separately, a leading cybersecurity expert said his firm is warning businesses and government agencies to intensify protection measures following the threats by Iran to seek revenge for the U.S. attack.
“There are opportunities for them to cause real disruption and destruction,” John Hultquist, director of intelligence analysis at the cybersecurity firm FireEye, told AP.
Iranian state-backed hackers reportedly carried out a series of disruptive denial-of-service attacks that knocked offline the websites of major U.S. banks and the New York Stock Exchange in 2012-13.
Robert M. Lee, chief executive of Dragos Inc., a firm that focuses on industrial control system security, said Iranian hackers have been aggressive in trying to gain access to utilities, factories, and oil and gas facilities, although it is not clear if they have ever succeeded.
“My worst-case scenario is a municipality or a cooperative-type attack where power is lost to a city or a couple of neighborhoods,” Lee told AP.