Experts warn that Iran could target power and water systems for cyberattacks if US gets involved in Middle East

Experts in critical infrastructure sectors are cautioning the U.S. against further involvement in the Middle East, warning that Iran could decide to target American power and water systems in a series of cyberattacks.
As the conflict between Israel and Iran evolves, leaders in the critical infrastructure realm remain on high alert. While there has not yet been a major cyber threat reported, these groups are amping up their defenses in the event one unfolds, Politico reported.
'Iranian cyber activity has not been as extensive outside of the Middle East but could shift in light of the military actions,' said John Hultquist, chief analyst for Google Threat Intelligence Group.
Hultquist warned that if the U.S. decides to strike Iran directly, 'targets in the United States could be prioritized for action by Iran's cyber threat capability.'
Previous incidents of increased geopolitical tension, such as Russia's war on Ukraine, have also prompted U.S. agencies, including the Cybersecurity and Infrastructure Security Agency to get ahead of emerging threats.
Anne Neuberger, the deputy national security adviser for cyber and emerging tech at the White House under President Joe Biden, told Politico the government is essential in helping these sectors amplify their defenses at times of conflict.
'The government can play a very important role in helping companies defend themselves, from sharing declassified intelligence regarding threats to bringing companies together to coordinate defenses,' Neuberger said. 'Threat intel firms should lean forward in publicly sharing any intelligence they have. ODNI and CISA should do the same.'
Last week, two information sharing and analysis centers and organizations, which share threat intelligence, warned U.S. companies to increase security measures in the event of Iranian cyberattacks.
The Food and Agriculture group, whose members include the Hershey Company, Tyson and Conagra, as well as the Information Technology group, with members Intel, IBM, and AT&T, warned attacks on other targets could still impact U.S. companies.
Along that line, the groups warned that 'cyberattacks aimed at Israel could inadvertently affect U.S. entities.'
Jeffrey Troy, who leads the Aviation group, said past cyberattacks targeting GPS systems have left them 'in a constant state of vigilance, sharing intelligence in real time and collaborating on prevention, detection and mitigation strategies.'
Leaders of some of these groups also say that staffing reductions across agencies since President Donald Trump took office have left them feeling like they are without federal support in preparing for potential cyberattacks.
The Cybersecurity and Infrastructure Security Agency, the country's main cyber defense agency, is expected to lose around 1,000 employees, with many of its programs being cut or put on pause, according to the report.
While the agency 'is still accessible,' there has been no outreach to strengthen defenses against Iranian hackers since last week, according to Andy Jabbour, who leads the Faith-Based Information Sharing and Analysis Organization.
Much of how the possible threats get handled is in the hands of Trump, Jabbour told Politico.
'The next 24-48 hours will be interesting in that sense, and his decisions and his actions could certainly influence what we see here in the United States,' Jabbour said.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

The Independent

22 minutes ago

• The Independent

People desperately trying to call family in Iran are getting mysterious robotic responses

When Ellie, a British- Iranian living in the United Kingdom, tried to call her mother in Tehran, a robotic female voice answered instead. 'Alo? Alo?' the voice said, then asked in English: 'Who is calling?' A few seconds passed. 'I can't heard you,' the voice continued, its English imperfect. 'Who you want to speak with? I'm Alyssia. Do you remember me? I think I don't know who are you.' Ellie, 44, is one of nine Iranians living abroad — including in the U.K and U.S. — who said they have gotten strange, robotic voices when they attempted to call their loved ones in Iran since Israel launched airstrikes on the country a week ago. They told their stories to The Associated Press on the condition they remain anonymous or that only their first names or initials be used out of fear of endangering their families. Five experts with whom the AP shared recordings said it could be low-tech artificial intelligence, a chatbot or a pre-recorded message to which calls from abroad were diverted. It remains unclear who is behind the operation, though four of the experts believed it was likely to be the Iranian government while the fifth saw Israel as more likely. The messages are deeply eerie and disconcerting for Iranians in the diaspora struggling to contact their families as Israel's offensive targeting Iranian nuclear and military sites pounds Tehran and other cities. Iran has retaliated with hundreds of missiles and drones, and the government has imposed a widespread internet blackout it says is to protect the country. That has blocked average Iranians from getting information from the outside world, and their relatives from being able to reach them. 'I don't know why they're doing this,' said Ellie, whose mother is diabetic, low on insulin and trapped on the outskirts of Tehran. She wants her mother to evacuate the city but cannot communicate that to her. A request for comment sent to the Iranian mission to the U.N. was not immediately answered. Most of the voices speak in English, though at least one spoke Farsi. If the caller tries to talk to it, the voice just continues with its message. A 30-year-old women living in New York, who heard the same message Ellie did, called it 'psychological warfare.' 'Calling your mom and expecting to hear her voice and hearing an AI voice is one of the most scary things I've ever experienced,' she said. 'I can feel it in my body.' And the messages can be bizarre. One woman living in the U.K. desperately called her mom and instead got a voice offering platitudes. 'Thank you for taking the time to listen,' it said, in a recording that she shared with the AP. 'Today, I'd like to share some thoughts with you and share a few things that might resonate in our daily lives. Life is full of unexpected surprises, and these surprises can sometimes bring joy while at other times they challenge us.' Not all Iranians abroad encounter the robotic voice. Some said when they try to call family, the phone just rings and rings. Colin Crowell, a former vice president for Twitter's global policy, said it appeared that Iranian phone companies were diverting the calls to a default message system that does not allow calls to be completed. Amir Rashidi, an Iranian cybersecurity expert based in the U.S., agreed and said the recordings appeared to be a government measure to thwart hackers, though there was no hard evidence. He said that in the first two days of Israel's campaign, mass voice and text messages were sent to Iranian phones urging the public to gear up for 'emergency conditions.' They aimed to spread panic — similar to mass calls that government opponents made into Iran during the war with Iraq in the 1980s. The voice messages trying to calm people 'fit the pattern of the Iranian government and how in the past it handled emergency situations,' said Rashidi, the director of Texas-based Miaan, a group that reports on digital rights in the Middle East. Mobile phones and landlines ultimately are overseen by Iran's Ministry of Information and Communications Technology. But the country's intelligence services have long been believed to be monitoring conversations. 'It would be hard for anybody else to hack. Of course, it is possible it is Israeli. But I don't think they have an incentive to do this,' said Mehdi Yahyanejad, a tech entrepreneur and internet freedom activist. Marwa Fatafta, Berlin-based policy and advocacy director for digital rights group Access Now, suggested it could be 'a form of psychological warfare by the Israelis.' She said it fits a past pattern by Israel of using extensive direct messaging to Lebanese and Palestinians during campaigns in Gaza and against Hezbollah. The messages, she said, appear aimed at 'tormenting' already anxious Iranians abroad. When contacted with requests for comment, the Israeli military declined and the prime minister's office did not respond. Ellie is one of a lucky few who found a way to reach relatives since the blackout. She knows someone who lives on the Iran-Turkey border and has two phones — one with a Turkish SIM card and one with an Iranian SIM. He calls Ellie's mother with the Iranian phone — since people inside the country are still able to call one another — and presses it to the Turkish phone, where Ellie's on the line. The two are able to speak. 'The last time we spoke to her, we told her about the AI voice that is answering all her calls,' said Ellie. 'She was shocked. She said her phone hasn't rung at all.' Elon Musk said he has activated his satellite internet provider Starlink in Iran, where a small number of people are believed to have the system, even though it is illegal. Authorities are urging the public to turn in neighbors with the devices as part of an ongoing spy hunt. Others have illegal satellite dishes, granting them access to international news. M., a woman in the U.K., has been trying to reach her mother-in-law, who is immobile and lives in Tehran's northeast, which has been pummeled by Israeli bombardment throughout the week. When she last spoke to her family in Iran, they were mulling whether she should evacuate from the city. Then the blackout was imposed, and they lost contact. Since then she has heard through a relative that the woman was in the ICU with respiratory problems. When she calls, she gets the same bizarre message as the woman in the U.K., a lengthy mantra. 'Close your eyes and picture yourself in a place that brings you peace and happiness,' it says. 'Maybe you are walking through a serene forest, listening to the rustle of leaves and birds chirping. Or you're by the seashore, hearing the calming sound of waves crashing on the sand.' The only feeling the message does instill in her, she said, is 'helplessness.'

The Guardian

26 minutes ago

• The Guardian

Internet users advised to change passwords after 16bn logins exposed

Internet users have been told to change their passwords and upgrade their digital security after researchers claimed to have revealed the scale of sensitive information – 16bn login records – potentially available to cybercriminals. Researchers at Cybernews, an online tech publication, said they had found 30 datasets stuffed with credentials harvested from malicious software known as 'infostealers' and leaks. The researchers said the datasets were exposed 'only briefly' but amounted to 16bn login records, with an unspecified number of overlapping records – meaning it is difficult to say definitively how many accounts or people have been exposed. Cybernews said the credentials could open access to services including Facebook, Apple and Google – although there had been no 'centralised data breach' at those companies. Bob Diachenko, the Ukrainian cybersecurity specialist behind the research, said the datasets had become temporarily available after being poorly stored on remote servers – before being removed again. Diachenko said he was able to download the files and would aim to contact individuals and companies that had been exposed. 'It will take some time of course because it is an enormous amount of data,' he said. Diachenko said the information he had seen in infostealer logs included login URLs to Apple, Facebook and Google login pages. Apple and Facebook's parent, Meta, have been contacted for comment. A Google spokesperson said the data reported by Cybernews did not stem from a Google data breach – and recommended people use tools like Google's password manager to protect their accounts. Internet users are also able to check if their email has been compromised in a data breach by using the website Cybernews said the information seen in the datasets followed a 'clear structure: URL, followed by login details and a password'. Diachenko said the data appeared to be '85% infostealers' and about 15% from historical data breaches such as a leak suffered by LinkedIn. Experts said the research underlined the need to update passwords regularly and adopt tough security measures such as multifactor authentication – or combining a password with another form of verification such as a code texted from a phone. Other recommended measures include passkeys, a password-free method championed by Google and Facebook's owner, Meta. 'While you'd be right to be startled at the huge volume of data exposed in this leak it's important to note that there is no new threat here: this data will have already likely have been in circulation,' said Peter Mackenzie, the director of incident response and readiness at the cybersecurity firm Sophos. Mackenzie said the research underlined the scale of data that can be accessed by online criminals. 'What we are understanding is the depth of information available to cybercriminals.' He added: 'It is an important reminder to everyone to take proactive steps to update passwords, use a password manager and employ multifactor authentication to avoid credential issues in the future.' Toby Lewis, the global head of threat analysis at the cybersecurity firm Darktrace, said the data flagged in the research is hard to verify but infostealers – the malware reportedly behind the data theft – are 'very much real and in use by bad actors'. He said: 'They don't access a user's account but instead scrape information from their browser cookies and metadata. If you're following good practice of using password managers, turning on two-factor authentication and checking suspicious logins, this isn't something you should be greatly worried about.' Cybernews said none of the datasets have been reported previously barring one revealed in May with 184m records. It described the datasets as a 'blueprint for mass exploitation' including 'account takeover, identity theft, and highly targeted phishing'. The researchers added: 'The only silver lining here is that all of the datasets were exposed only briefly: long enough for researchers to uncover them, but not long enough to find who was controlling vast amounts of data.' Alan Woodward, a professor of cybersecurity at Surrey University, said the news was a reminder to carry out 'password spring cleaning'. He added: 'The fact that everything seems to be breached eventually is why there is such a big push for zero trust security measures.'

The Guardian

31 minutes ago

• The Guardian

Outcome of Israel's war with Iran is uncertain even if US joins conflict

Israel's assault on Iran, including its nuclear and ballistic weapons programme, is unlikely to secure its long-term strategic objectives, even if Benjamin Netanyahu manages to persuade the Trump administration into joining the conflict in the coming days and weeks, experts have said. According to diplomats, military specialists and security analysts, Israel – and its prime minister – is likely to face mounting headwinds in the campaign, amid warnings that it risks dangerously destabilising the region. There is mounting scepticism over whether even the US's use of massive ground-penetrating bombs would be able to knock out Iran's Fordow nuclear facility, which is buried deep beneath a mountain, and questions have emerged about Israel's ability to sustain a long-range offensive that has exposed its cities to counterattack by ballistic missiles. Experts make the distinction between Israel's operational success in targeting key Iranian sites and individuals, and its strategic objectives which appear to have expanded to regime change in Tehran, on top of destroying its nuclear programme. 'There is a dominant trend in Israel going back to the formation of the state that has suggested to politicians that violence will deliver a solution to what are political problems,' said Toby Dodge, professor of international relations at the London School of Economics. 'My gut feeling is Iranian regime is more stable than has been suggested. And because Iran has a long history of commitment to technological modernisation and proliferation, well, that's something you can't simply remove with a bomb.' Analysts are also puzzled by an Israeli strategy that appears to have gambled on triggering a conflict in the hope of pushing a highly erratic US president in Donald Trump to join, supplying the firepower that Israel lacks in terms of massive bunker-busting bombs. Experts assess that the US would probably have to use several of these bombs, which would need to be dropped relatively close to the Fordow plant, protected by up to 90 metres of bedrock, in a complex and risky operation that is not guaranteed to succeed, and would probably draw retaliation from Iran against US bases, risking further escalation. 'Subcontracting the Fordow job would put the United States in Iran's sights,' Daniel C Kurtzer, a former US ambassador to Israel, and Steven N Simon, a veteran of the national security council, wrote in Foreign Affairs this week. 'Iran would almost certainly retaliate by killing American civilians. That, in turn, would compel the United States to reciprocate. 'Soon enough the only targets left for Washington to hit would be the Iranian regime's leaders, and the United States would again go into the regime-change business – a business in which exceedingly few Americans want to be involved any longer.' The prospect of regime change, perhaps by killing Iran's supreme leader, Ayatollah Ali Khamenei, which has been raised by Israeli officials (and reportedly vetoed by Trump) is already causing profound alarm in the region. Grand Ayatollah Ali al-Sistani, the senior Iraqi cleric, made a rare intervention, warning of the profound dangers to the region. Another sceptic is Andreas Krieg, an associate professor in the Department of Defence Studies at King's College London, who has worked widely in the Middle East and is doubtful that air power can alone can make the kind of impact being sought by Israel, both in terms of destroying Iran's nuclear knowhow or removing the clerical regime. 'It's not the holy grail. We'd learned the lesson that air power alone doesn't work. And then we learned in Iraq and Afghanistan that even massive numbers of boots on ground doesn't work,' he said. 'What we're seeing is not a strategic approach but one that is operational using air power, and the operational approach is starting the consume the strategic one which is about the political endgame. 'The best Israel can best can hope for is something like the campaign against Hezbollah, which has probably delivered a short-lived success, in that it was very successful in degrading Hezbollah's network. 'Iran is very similar in that its defence strategy is built around a decentralised mosaic. Decapitation doesn't work against that kind of network. You can take out key nodes, but the best [Israel] can hope for in killing Khamenei would be to trigger the succession crisis which in any case had been anticipated.' And if Netanyahu has miscalculated, it is in an area where he has long claimed expertise: in reading and playing US politics. With American support for US intervention polling dismally, and the issue threatening to split Trump's Maga movement, Israel may find itself on the wrong side of a toxic argument that has far more salience for Trump than helping Netanyahu. Failing a US intervention to support Israel's campaign, Israel is likely to face growing challenges amid indications it is running low on some missile interceptors. Crew fatigue for the long-range sorties, aircraft maintenance cycles and the exhaustion of prepared target lists are all likely to militate against Israel's ability to maintain a prolonged conflict at the current high level of intensity. Any drop-off will be used by Tehran to suggest to Iranians that it has weathered the worst of the storm. There is a third possibility. Writing in his book Waging Modern War, in the aftermath of the Nato air campaign in Kosovo in 1999 – seen as one of the more successful uses of air power – the organisation's former supreme allied commander Wesley Clark, described the campaign as having one objective – to force the Serbs to the negotiating table. With contacts now re-established with Iranian negotiators, including talks in Geneva on Friday with European countries, Trump himself has suggested there is more time for diplomacy to run. Even if Iran is forced to a nuclear deal, Israel may find it comes with heavy hidden costs, not least the potential for survival of a clerical regime with every reason to be even more hostile to Israel and Israelis, and the limitations of Israeli military power, perhaps, exposed. 'If Khamenei has the sense to step back, if America doesn't come in,' says Dodge, 'then Israel has stuck its finger in a hornets' nest.'