Combined Seals for Iran Statement

Joint Statement from CISA, FBI, DC3 and NSA on Potential Targeted Cyber Activity Against U.S. Critical Infrastructure by Iran

Iranian state-sponsored or affiliated threat actors are known to conduct a range of targeted cyber activity to include exploit known vulnerabilities in unpatched or outdated software, compromise internet-connected accounts and devices that use default or weak passwords and work with ransomware affiliates to encrypt, steal and leak sensitive information.  

At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran. However, we are urging critical infrastructure organizations to stay vigilant to Iranian-affiliated cyber actors that may target U.S. devices and networks. We strongly urge organizations to review our joint fact sheet and implement recommended actions to strengthen our collective defense against this potential cyber activity.  

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Department of Defense Cyber Crime Center (DC3) and the National Security Agency (NSA) are actively monitoring and coordinating with government, industry, and international partners to identify and share actionable intelligence and provide resources and assistance. We also strongly urge organizations report suspicious or criminal activity related to potential Iranian cyber activity. 

Iranian Cyber Actors May Target Vulnerable U.S. Networks

Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest

CISA, FBI, DC3, and NSA strongly urge organizations to remain vigilant for potential targeted cyber activity against U.S. critical infrastructure and other U.S. entities by Iranian-affiliated cyber actors.

Read the Fact Sheet
Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development

Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development

While there are challenges, adopting memory safe languages can increase reliability, reduce attack surface, and decrease long-term costs. 

Read our joint guide to learn more.
Russian GRU Targeting Western Logistics Entities and Technology Companies

Russian GRU Targeting Western Logistics Entities and Technology Companies

This advisory encourages executives and network defenders at logistics entities and technology companies to recognize the elevated threat of unit 26165 targeting and implement recommended actions and mitigations.  

Read the Advisory
Fact Sheet: Primary Mitigations to Reduce Cyber Threats to Operational Technology

Primary Mitigations to Reduce Cyber Threats to Operational Technology

Unsophisticated cyber actor(s) are targeting ICS/SCADA systems in the Energy and Transportation Systems sectors. Follow our fact sheet for more info.

Read More
Fast Flux A National Security Threat IMAGE

CISA and Partners Issue Fast Flux Cybersecurity Advisory

Guides organizations with detecting and mitigating this national security threat 

CISA and Partners Issue Fast Flux Cybersecurity Advisory
Active Assailant Emergency Action Plan

Active Assailant Emergency Action Plan Template and Instructional Guide

Provide organizations and venue operators with tangible guidance to assist users with developing a comprehensive and implementable emergency action plan (EAP).

Learn More

News Updates

View More News

Latest Operational Information

View All Alerts & Advisories Subscribe to Updates

How can we help?

All Audiences
Main St, street sign

Find Help Locally

Contact your Region

Assist Visits

Protected Critical Infrastructure Information

IT professional working at computers

Industry

Secure by Design

Information Sharing: A Vital Resource

PCII Program modernized

Joint Cyber Defense Collaborative expands

A small business worker making a transaction with a customer

Small and Medium Businesses

Cyber guidance for small businesses

Supplementing passwords

Doing business with CISA

Teenager boy and classmates in high school computer class

Educational Institutions

School Safety

Cybersecurity for K-12

K-12 School Security Product Suite

Protecting Our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity Threats

All Audiences

JCDC unifies cyber defenders from organizations worldwide. This team proactively gathers, analyzes, and shares actionable cyber risk information to enable synchronized, holistic cybersecurity planning, cyber defense, and response.

JCDC

StopRansomware.gov is the U.S. Government's official one-stop location for resources to tackle ransomware more effectively.

STOPRANSOMWARE

SAFECOM works to improve emergency communications interoperability across local, regional, tribal, state, territorial, international borders, and with federal government entities.

SAFECOM

Additional CISA Resources

Abstract image of a PCB overlayed with cyber design elements

CISA’s Federal Cyber Defense Skilling Academy

CISA’s Federal Cyber Defense Skilling Academy provides full-time federal employees an opportunity to focus on professional growth through an intense, full-time, three-month accelerated training program.

Image of an event with speaker and participants

CISA Events

CISA hosts and participates in events throughout the year to engage stakeholders, seek research partners, and communicate with the public to help protect the homeland.

CISA Services Catalog

A single resource that provides you with access to information on services across CISA’s mission areas.

Employees pictured during training session

CISA Training

As part of our continuing mission to reduce cybersecurity and physical security risk, CISA provides a robust offering of cybersecurity and critical infrastructure training opportunities.