United States of America: Cybersecurity and Infrastructure Security Agency adopted advisory on potential malicious cyber activity by Iranian-affiliated actors targeting vulnerable US critical infrastructure

On 30 June 2025, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Department of Defense Cyber Crime Center (DC3), and National Security Agency (NSA) adopted an advisory warning on potential malicious cyber activity by Iranian-affiliated actors targeting vulnerable US critical infrastructure. The advisory highlights the increased risk of cyber operations, including exploitation of unpatched software, weak passwords, website defacements, data leaks, distributed denial of service (DDoS) attacks, and ransomware campaigns. Organisations in sectors including energy, water, manufacturing, healthcare, and defence were urged to take immediate action to strengthen cyber defences by disconnecting operational technology assets from the internet, applying security patches, enforcing strong passwords and phishing-resistant multi-factor authentication, monitoring access logs, and updating incident response and recovery plans.