U.S. security agencies warn of Iranian cyber threat

The Cybersecurity and Infrastructure Security Agency, or CISA, on Monday warned that Iranian hackers might target American companies and critical infrastructure. In a joint release with other security agencies including the FBI, CISA said that companies focused on the defense industrial base are particularly at risk—especially those in relationships with Israeli firms. Potential cyberattacks could involve ransomware, leaks of sensitive information, or denial of service campaigns.

There’s no evidence of a coordinated Iranian cyber campaign targeting American companies at the moment, according to CISA. But hackers affiliated with Iran’s Islamic Revolutionary Guard Corps compromised dozens of U.S. companies’ industrial control systems in 2023 and 2024, according to the agencies’ release. Victims included companies in industries related to water and wastewater, energy, food and beverage manufacturing, and healthcare.

What should companies do to protect themselves? Implementing multi-factor authentication and strong passwords can mitigate risk, according to CISA. The agency also encouraged companies to secure any usage of remote access technologies and set protocols to block unauthorized access.

Dig deeper: Read Leo Briceno’s report on how GOP lawmakers view Trump’s decision to bomb Iranian nuclear facilities.