The Cybersecurity and Infrastructure Security Agency (CISA) has released a threat profile of Iran after recent and increased Iran-U.S. tensions.

According to CISA, "Iran has exercised increasingly sophisticated capabilities to suppress social and political perspectives deemed dangerous to its regime and to target regional and international adversaries. Iran and its proxies and sympathizers have a history of leveraging cyber and physical tactics to pursue national interests, both regionally and here in the United States," such as:

  • Disruptive and destructive cyber operations against strategic targets, including finance, energy, and telecommunications organizations, and an increased interest in industrial control systems and operational technology.
  • Cyber-enabled espionage and intellectual property theft targeting a variety of industries and organizations to enable a better understanding of strategic direction and policy-making.
  • Disinformation campaigns promoting pro-Iranian narratives while pushing anti-U.S. sentiments.
  • Improvised explosive devices (IEDs), which are a staple tactic of the Islamic Revolutionary Guard Corps (IRGC), its Quds Force (focused on external, global operations), and proxy entities such as Hizbollah.
  • Attacks against U.S. citizens and interests abroad and similar attacks in the Homeland.
  • Unmanned aircraft system (UAS) attacks against hardened and soft targets.

CISA strongly urges the public and enterprise security to assess and strengthen basic cyber and physical defenses to protect against this potential threat.