US agencies: Iran ramped up cyberattacks on critical infrastructure during war

The Iranian regime intensified cyberattacks on critical U.S. infrastructure during Operation Epic Fury, multiple U.S. agencies said on Tuesday. The joint advisory – issued by the Federal Bureau of Investigation, National Security Agency, Cybersecurity and Infrastructure Security Agency, Environmental Protection Agency, Department of Energy, and U.S. Cyber Command’s Cyber National Mission Force – warned that Tehran-linked allies targeted government service organizations, the energy sector, and water and wastewater systems, focusing on exposed industrial control systems and SCADA interfaces.

The advisory assessed that Iran's hacking campaign aimed to cause “disruptive effects within the United States,” and that “in a few cases, this activity has resulted in operational disruption and financial loss."

Warnings of the Iranian hacking campaign came amid heightened tensions between Tehran and Washington, as U.S. President Donald Trump warned that “a whole civilization will die tonight” unless Iran agreed to a deal with the United States. He also threatened to target key Iranian energy and infrastructure assets across the country.

Following diplomatic intervention from Pakistan, however, on Tuesday night Trump agreed to a two-week ceasefire. Washington is reportedly seeking Iran’s full abandonment of its nuclear weapons program, significant limits on its missile capabilities, and an end to its support for regional proxy groups, including Hezbollah in Lebanon, the Houthis in Yemen, and Hamas in Gaza. Tehran, by contrast, is said to oppose restrictions on its nuclear and missile programs and to insist on maintaining support for its regional allies.

The regime’s hacking campaign against the United States is part of its wider asymmetric warfare strategy.

The FBI announced last month that it had seized 4 Iranian-linked cyberwarfare domains that targeted the U.S. and its allies.

"Iran thought they could hide behind fake websites and keyboard threats to terrorize Americans and silence dissidents,” FBI Director Kash Patel said. “We took down four of their operation's pillars and we're not done. This FBI will hunt down every actor behind these cowardly death threats and cyberattacks, and will bring the full force of American law enforcement down on them.”

Iran's hacker group Handala was reportedly among the Iranian-linked domains seized by the FBI. It has been linked to recent cyberattacks targeting U.S. and Israeli organizations and businesses.

Last month, the Iranian regime also threatened to target leading U.S. corporations such as Microsoft, Google and Amazon amid American and Israeli aerial strikes across the Islamic Republic of Iran.