Iranian hackers ‘may still conduct malicious cyber activity,’ US agencies warn

June 30, 2025

(NEW YORK) — Iranian-affiliated cyber actors and hacktivist groups “may still conduct malicious cyber activity,” according to a joint bulletin from U.S. law enforcement agencies.

“Based on the current geopolitical environment, Iranian-affiliated cyber actors may target U.S. devices and networks for near-term cyber operations,” the bulletin from the Cybersecurity and Infrastructure Security Agency (CISA), FBI, NSA and Defense Department says.

“Defense Industrial Base (DIB) companies, particularly those possessing holdings or relationships with Israeli research and defense firms, are at increased risk. Hacktivists and Iranian-government-affiliated actors routinely target poorly secured U.S. networks and internet-connected devices for disruptive cyberattacks,” according to the bulletin.

All of this comes after Israel and Iran “declared ceasefire and ongoing negotiations towards a permanent solution,” according to the alert.

“Over the past several months, Iranian-aligned hacktivists have increasingly conducted website defacements and leaks of sensitive information exfiltrated from victims,” the alert says. “These hacktivists are likely to significantly increase distributed denial of service (DDoS) campaigns against U.S. and Israeli websites due to recent events.”

The alert says that it hasn’t just been over the past few months that Iranian cyber actors have been active. The agencies point to numerous instances in 2023 and 2024 when the Islamic Revolutionary Guard Corps (IRGC) compromised Israeli-backed technology, and after the start of the conflict between Hamas and Israel, IRGC-backed actors carried out cyber attacks as a form of protest.

“Activities like website defacements, leakage of sensitive information, and distributed denial-of-service (DDoS) campaigns against U.S. websites have been common attack methods in the past,” the alert says.

In a statement, the agencies say they haven’t seen any malicious activity, but are issuing the warning for critical infrastructure organizations to be on alert.

“We strongly urge organizations to review our joint fact sheet and implement recommended actions to strengthen our collective defense against this potential cyber activity,” the statement says.

Download the WEIS Radio app in the Apple App Store and Google Play Store or subscribe to our text alerts here.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Iranian hackers ‘may still conduct malicious cyber activity,’ US agencies warn

ABC Audio

TrueSong Welcomes New Member!

Africanized Honeybees Detected in Alabama

Attorney General Marshall Opens Applications for the 2025 Alabama Safe Schools Initiative