Iran Cyber Threat Overview and Advisories
CISA works to ensure U.S. critical infrastructure, government partners, and others have the information and guidance to defend themselves against Iran state-sponsored cybersecurity activity.
Recent Iranian state-sponsored activity has included malicious cyber activity against operational technology devices by Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated APT cyber actors. The following actions are key to strengthening operational resilience against this threat:
- Implement multifactor authentication.
- Use strong, unique passwords.
- Check programmable logic controllers for default passwords.
Iran State-Sponsored Activity Targeting Vulnerable OT Devices
The U.S. government has attributed cyber intrusions on vulnerable operational technology devices to Iranian Government Islamic Revolutionary Guard Corps (IRGC)-affiliated cyber actors. IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors details this activity.
CISA and Joint CISA Advisories
Review Iran-specific advisories here.
Key Resources
Defending Against Nation-State Cyber Threats
Find more information on nation-state adversaries and related resources.