U.S. on cyber alert as tensions with Iran raise fears of digital retaliation

Federal officials and cybersecurity experts are warning of an elevated risk of cyberattacks targeting U.S. infrastructure and private companies amid rising tensions with Iran. While the Department of Homeland Security (DHS) has not identified any specific or credible threats to the homeland, a bulletin issued June 22 cautioned about the likelihood of low-level cyberattacks in what it described as a “heightened threat environment.”

The warning comes in the wake of U.S. airstrikes ordered by President Donald Trump on three Iranian nuclear facilities on June 21, escalating an already volatile standoff.

In response, Iranian officials have vowed to retaliate through “all possible responses,” prompting concern that cyber warfare could be one of Tehran’s tools of choice.

“Cyberattacks are pretty much standard fare in today’s world of conflicts,” said Anton Dahbura, executive director of the Johns Hopkins University Information Security Institute. “So cyberattacks are definitely on the menu of options.”

Iran’s cyber capabilities are a known threat

Iran has a long history of using cyber operations to respond to geopolitical pressure, including through state-sponsored groups and proxy organizations. These actors are known to target financial institutions, industrial control systems, and public infrastructure in both direct and indirect retaliation.

In a high-profile 2016 indictment, seven Iranians linked to the Islamic Revolutionary Guard Corps (IRGC) were charged with cyberattacks on U.S. banks and unauthorized access to the Bowman Avenue Dam in New York. Although no physical damage was done, the incident served as a stark example of Iran’s reach in cyberspace.

“Iran has people and organizations, both official and proxy, dedicated to discovering vulnerabilities and exploiting them,” Dahbura added.

What to expect: Low-level disruptions

According to federal officials and private cybersecurity firms, a large-scale cyberattack akin to taking down the power grid or crippling financial markets is unlikely in the immediate term. Instead, experts anticipate low-level digital incursions, such as:

• Distributed denial-of-service (DDoS) attacks on public websites

• Ransomware attempts against municipal systems and small businesses

• Spear phishing campaigns aimed at defense contractors or energy firms

• Social engineering attacks targeting critical sectors like healthcare or logistics

These methods allow state-backed hackers to signal capability and intent without crossing a red line that would provoke a conventional U.S. response.

Businesses urged to tighten defenses

Cybersecurity experts are urging organizations, particularly those in the utilities, finance, defense, and logistics sectors, to remain vigilant. Updating software, reviewing incident response plans, and reinforcing staff training on phishing and social engineering are critical steps during periods of geopolitical instability.

“This is a moment when public and private sectors alike must remember that cyber is now a frontline domain,” said a senior DHS official. “Being prepared isn’t optional, it’s essential.”