Iranian state-sponsored or affiliated threat actors may launch cyberattacks despite the declared ceasefire and ongoing negotiations between the two countries, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Department of Defense Cyber Crime Center (DC3) said in a press release outlining a Cybersecurity Information Sheet (CSI).
“Due to recent events, Iranian state-sponsored or affiliated threat actors are likely to significantly increase their distributed denial of service (DDoS) campaigns, and potentially also conduct ransomware attacks,” the release said. “The authoring agencies urge organizations, especially those within U.S. critical infrastructure, to remain vigilant for the outlined potential targeted malicious cyber activity.”
In the past, these threat actors have sought targets of opportunity among poorly secured U.S. networks and internet-connected devices, looking for outdated software and the use of default or common passwords, according to the release.
The release suggests that organizations read the CSI to review the threat actors’ commonly used techniques, assess their own cybersecurity weaknesses, update their incident response plans, and harden their cyber defenses.
The FBI said in April that ransomware remains the top threat to American infrastructure, with complaints in 2024 rising 9% above 2023’s total.
Nearly half of all ransomware complaints received by the FBI’s Internet Crime Complaint Center (IC3) in 2024 involved critical infrastructure organizations in sectors like manufacturing, financial services, information technology, healthcare and government.
CISA released recommendations in April 2024 meant to help companies navigate the treacherous landscape of cybersecurity, including the dangers lurking in artificial intelligence.
The recommendations highlighted the need for advanced safeguards as AI increasingly integrates into essential sectors like energy, transportation and healthcare.
It was reported in February 2024 that the Chinese government’s attempts to attack U.S. infrastructure through cyber means had reached new levels and had become a defining threat to national security.
For example, a Chinese hacking network was revealed to be dormant inside U.S. critical infrastructure, with malware that needed only to be triggered to disrupt that infrastructure.