Bottom Line Up Front
As the United States continues its build-up of military capabilities in the Middle East, seemingly indicating an imminent attack against the current political leadership of Iran, US Citizens should be prepared for retaliatory cyber attacks that attempt to disrupt US critical infrastructure and major business operations.
Based on prior offensive cyber attacks from IRGC-sponsored threat actors, we should expect to see denial of service, ransomware, defacement/propaganda, and possibly control-system disabling that targets communications, emergency services, energy and water distribution, financial services, and access to US government resources.
In the age of Generative AI, it is also likely that attacks will include propaganda distributed through social media with the intent to create fear and confusion.
Since there is no known defensive shield protecting US networks as a whole, US citizens would be wise to prepare contingency plans to counter the degradation or disruption of these services for a prolonged period of time.
That means having backups on hand for emergency situations.
The good news is that, among nation-state threats, Iranian actors are not among the most sophisticated and have relied on known TTPs in the past, which means that with prudence on the part of their targets, attacks should be defendable.
Analysis and remediation guidance follows for members: