How to avoid scams and scams online
Use these cybersecurity tips to avoid scams and scams online.
Federal officials and cybersecurity experts warn of an increased risk of cyberattack amid rising tensions between the US and Iran.
There are no specific, reliable threats to the homeland, but on June 22, the Department of Homeland Security warned about low-level cyberattacks in its “Strengthening the Threat Environment.” Experts said USA Today’s public infrastructure and the private sector could be potential targets, but a massive cyberattack is unlikely.
“Cyberattacks are fairly standard fares in today’s conflict world,” said Antondabra, executive director of the Johns Hopkins University Institute of Information Security. “So cyberattacks are definitely on the options menu.”
What retaliation from Iran looks like?
The cyberattack warning comes after President Donald Trump ordered air strikes on three Iranian nuclear facilities on June 21. Iranian officials have warned of retaliation after the airstrike, and Iranian Foreign Minister Abbas Arakich said his country will consider all possible responses.
The first came on June 23 when Iran targeted a US military base in Qatar.
“We need to see if that response is deemed sufficient,” according to Scott White, associate professor and director of the Cybersecurity Program and Cyber Academy at George Washington University in Washington, DC.
Trump’s Golden Dome missile defense system
Is President Donald Trump’s proposed Golden Dome the best option to prevent missile strikes?
If there is more to it, cyberattacks are one potential means of retaliation.
According to the National Intelligence Director’s 2024 threat assessment, Iran has been willing to prove its targeting countries with stronger cyber capabilities than itself. The country has already launched a cyberattack on Israel, and the US-based cybersecurity company has found a 700% surge in cyberattacks after Israel launched a missile strike targeting Tehran’s nuclear program earlier this month.
“Iran has many people and organizations dedicated to discovering cyber vulnerabilities and implementing cyberattacks.
It is not the first time that the US has faced such a threat.
In 2016, seven Iranians with government ties and the Islamic Revolutionary Security Corps were charged with a series of cybercrimes committed between 2011 and 2013. One of the defendants is said to have obtained operational information about a dam in New York, but was unable to control the system.
Whether Iran is still in the U.S. critical infrastructure system is a difficult question to answer, according to Jamil Jaffer, founder and executive director of George Mason University’s National Security Institute and former deputy lawyer for President George W. Bush.
“We don’t have any clear information from the US government about where Iran is today, but the fact that they were trying early and were able to enter some places is a sign that there are vulnerabilities that they can exploit,” he said.
How big a threat is this to Americans?
According to a statement from Google Hultquist chief analyst John Hultquist, the threat of destructive cyberattacks is on the rise, but it is important to recognize that Iran has had “mixed outcomes” in his destructive cyberattacks.
“They frequently create and exaggerate their effects to enhance their psychological impact,” Hartkist said. “We need to be careful not to overestimate these cases and inadvertently support the actors.”
During previous testimony in Congress, National Intelligence Director Daniel Court said Iran was attempting to deploy a cyberattack that would allow for attacks on the critical infrastructure of its US and its allies, with “localized, temporary, destructive effects.”
In other words, as of 2019, Iran, according to Jaffer, had no ability to stop any national or massive destructive attacks.
“But can they do something that has an important effect? That’s certainly possible,” he said. “So they have to calculate. What will the US response look like when they do this?”
White said Americans should be aware of potential attacks, and those working in sectors such as energy, healthcare and banking should be aware that their company may be targeted.
The Food and Agricultural Information Sharing and IT Information Sharing Analysis Centers earlier this month encouraged businesses to prepare for the potential for an increase in cyberattacks, noting that state-sponsored actors, hattivist groups and cybercriminals had previously launched attacks on U.S. organizations during the period of rising conflict.
However, experts told USA Today that daily cybercriminals are likely a major concern for most Americans.
“Iran is not as threatening as people are trying to get money from people’s bank accounts,” Dabra said. “That’s what people should be worried about. Realistically.”
How can consumers protect themselves from cyberattacks?
“Iran has always been a major threat to the country’s critical infrastructure,” said Scott Augenbaum, a cybercrime prevention trainer and retired FBI agent who is author of Secret to Cybersecurity.
The US government will continue to work closely with all sectors to provide information to them, Augenbaum told USA Today, but cybercriminals often chase after end users, or consumers.
All cyber threat actors “because they love the confusion, so many of us are in a state of concern right now,” Organbaum said.
On Friday, 16 billion usernames and passwords were also found on the dark web. This will provide more information for cybercriminals.
Additionally, Vahid Behzadan, an associate professor of cybersecurity and networking, data, computer science and electrical computer engineering at New Haven University in West Haven, Connecticut, said that “Hacktivists,” which are often very active during the growing conflict.
These attacks could range from denial of service attacks to targeted phishing attacks, Behzadan said.
You may think that an individual is just taking their own life, but he said that everyone can be targeted.
“Your device could be misused or exploited on its own,” he said.
While there may be concerns that cyberattacks could affect access to banks and financial institutions, Behzadan said protections are often in place in the event of a breach of bank accounts.
Augenbaum said it needs to ensure that all consumers are digitally protected.
Here are five things to protect yourself:
- Freeze your credits. With so many leaked usernames and passwords on Dark Web, Augenbaum said credit should be frozen at all three credit agencies. Credit Freeze prevents new credits from being opened unless the credit freeze is lifted or unzipped.
- Beware of fake emails and texts. “We will not receive emails from Iranian threat actors saying, ‘Please click on this link,” Augenbaum said. “It may seem like it comes from Social Security. It may seem like it comes from the IRS. It may seem like it comes from your bank or credit card, and they want you to click on a link that may cause you to get malware on your computer and steal your username and password.”
- Be careful of calls that appear to be from authorities. Often, cybercriminals try to tell you that you’re going to be arrested for doing something wrong. Make sure your bank or financial institution has a real number on your phone, and if you see any suspicious activity, or by unsolicited email, text or call, and call the phone number.
- Be careful about your social media accounts. Hackers may attempt to take over social media accounts or click on malicious links.
- Use the Password Manager program. Do not use the same password for multiple accounts. Use a password manager. This allows you to safely track your passwords.
- User 2-factor authentication. Asking two types of approval, such as text messaging or the Authenticator app, provides more protection for your account.
Additionally, Behzadan suggests that the operating system software updates have been updated, and that cloud storage sites back up important data in the event that has been attacked, and that smart devices on their home network are updating the software.
