United States
Australia
United Kingdom
Europe
New Zealand
Canada
Fort Meade, Md. — Four U.S. government agencies have issued a joint advisory warning that cyber actors aligned with Iran’s Islamic Revolutionary Guard Corps could move quickly to hit vulnerable American networks and internet-connected devices. The National Security Agency, the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Department of Defense Cyber Crime Center released a Cybersecurity Information Sheet titled “Iranian Cyber Actors May Target Vulnerable U.S. Networks and Entities of Interest.”
The advisory cautions that, even amid a declared ceasefire and ongoing negotiations, state-sponsored and affiliated groups — including hacktivists — are likely to probe for weak points such as unpatched systems and accounts or equipment protected by default or weak passwords. It warns organizations to prepare for an uptick in Distributed Denial of Service activity and notes that ransomware operations are also possible.
The publication summarizes methods these actors have used before and highlights past campaigns to help defenders recognize telltale tactics. It urges owners and operators of critical infrastructure to evaluate gaps in their defenses and refresh incident response plans, and it includes a set of recommended mitigations for at-risk organizations.
The alert follows years of U.S. government warnings about Iranian-linked groups targeting sectors from government services and technology to water and energy. U.S. authorities have previously tied Iranian actors to disruptive activity and data theft, and have repeatedly flagged opportunistic targeting of exposed services and poorly secured devices.
The full document is available on the Defense Department’s website: https://media.defense.gov/2025/Jun/30/2003745375/-1/-1/0/JOINT-FACT-SHEET-IRANIAN-CYBER-ACTORS-MAY-TARGET-VULNERABLE-US-NETWORKS-AND-ENTITIES-OF-INTEREST-508C.PDF
