Pierluigi Paganini
June 24, 2025
The Iran conflict raises cyber threat levels in the U.S., with likely low-level attacks by pro-Iranian hacktivists and possible state-linked cyber activity. Following U.S. strikes on Iranian nuclear sites, President Trump called the attacks a success and warned of more if Iran resists peace.
“The ongoing Iran conflict is causing a heightened threat environment in the United States.” reads the advisory published by US DHS. “Low-level cyber attacks against US networks by pro-Iranian hacktivists are likely, and cyber actors affiliated with the Iranian government may conduct attacks against US networks.”
The 2025 Iran-Israel war has sparked intense cyber conflict, with hacktivist groups from both sides launching digital attacks against one another.
US DHS warns that Iran remains committed to targeting U.S. officials linked to a 2020 military commander’s death. The Israel-Iran conflict may fuel extremist violence in the U.S., especially if Iranian leaders issue a religious call for retaliation. Recent U.S. attacks tied to anti-Semitic views suggest the threat of more homeland plots is rising.
“Iran also has a long-standing commitment to target US Government officials it views as responsible for the death of an Iranian military commander killed in January 2020. The likelihood of violent extremists in the Homeland independently mobilizing to violence in response to the conflict would likely increase if Iranian leadership issued a religious ruling calling for retaliatory violence against targets in the Homeland.” continues the advisory. “Multiple recent Homeland terrorist attacks have been motivated by anti-Semitic or anti-Israel sentiment, and the ongoing Israel-Iran conflict could contribute to US-based individuals plotting additional attacks.”
In January 2020, the U.S. Department of Homeland Security (DHS) issued other warnings about the possibility of cyber-attacks launched by Iranian threat actors. The attacks could have been the response of Tehran after Maj. Gen. Qassim Suleimani was killed by a U.S. drone airstrike at the Baghdad airport in Iraq.
The order to kill Soleimani was issued by President Trump, who said Soleimani was planning an “imminent” attack on US personnel in Baghdad.
Christopher C. Krebs, who was the Director of Cybersecurity and Infrastructure Security Agency (CISA) at the time, warned of a potential new wave of cyber attacks carried out by Iran-linked hacker groups targeting U.S. assets.
Krebs warned operators of critical infrastructure to remain vigilant because the risk of cyber attacks is increasing hour by hour.
The DHS issued a new National Terrorism Advisory System bulletin. The DHS added that Iran has cyber capabilities to carry out attacks against US infrastructure, and it is also warned that Iran can conduct operations in the United States.
“Previous homeland-based plots have included, among other things, scouting and planning against infrastructure targets and cyber enabled attacks against a range of U.S.- based targets.” reads the bulletin. “Iran maintains a robust cyber program and can execute cyber attacks against the United States. Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States.”
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Iran)
