23rd June 2025, Kathmandu
U.S. launched coordinated precision airstrikes on three Iranian nuclear sites in a move that marked a major escalation in Middle East tensions.
Iranian cyberattacks after U.S. strikes
President Donald Trump announced the attacks in a national address, claiming Iran’s “key nuclear facilities have been completely and fully obliterated.” However, independent verification of the damage is not yet available.
Global Fallout and Regional Escalation Risk
The strikes are widely viewed as support for Israel’s ongoing campaign to dismantle Iran’s nuclear capabilities. Iran’s Foreign Minister Abbas Araghchi responded sharply, warning of “everlasting consequences” and asserting that Tehran “reserves all options” for retaliation.
DHS Issues Cybersecurity Alert Amid Retaliation Threats
The U.S. Department of Homeland Security (DHS) released an advisory on June 22, warning of likely cyber retaliation by Iran. DHS says Iranian “hacktivists” may launch low-level cyberattacks, with the possibility of larger attacks if Iranian leadership calls for direct violence.
The agency highlights Iran’s prior threats following the assassination of Gen. Qasem Soleimani and warns that the recent U.S. strikes will likely intensify their motivation for revenge.
Iran’s Cyber Capabilities Among the World’s Most Active
The Islamic Revolutionary Guard Corps (IRGC) leads Iran’s cyber operations and remains one of the top four global cyber adversaries, alongside China, North Korea, and Russia.
While Iran lacks the scale of Russia’s cybercriminal networks or China’s advanced state-backed teams, it has demonstrated dangerous offensive capabilities. Targets have included:
U.S. defense contractors
Federal agencies
Energy infrastructure
Water and wastewater systems
A recent guilty plea from Iranian national Sina Gholinejad in the 2019 Baltimore ransomware attack underlines the persistent threat.
High-Profile Past Attacks Linked to Iran
Iranian cyberattacks have often been tied to retaliatory motives. For instance:
2012–2013: Attacks on major U.S. banks in response to sanctions.
2013: Hack of Bowman Dam in New York after the U.S.-Israel Stuxnet operation.
2014: Sands Casino hacked after its CEO called for bombing Iran.
In total, these attacks demonstrate a proven Iranian willingness to cause real-world damage through cyberspace.
Threats to Critical Infrastructure in the U.S.
Iranian cyber actors could target essential U.S. services, including:
Power grids
Financial networks
Transportation systems
Emergency communication services
The Center for Internet Security (CIS) notes that Iran may turn to more aggressive or less sophisticated tactics if conventional military options are weakened.
According to CIS, informal hacker groups, proxies, or “sleeper cells” could carry out operations with high-impact consequences.
Reduced U.S. Cyber Defenses a Cause for Concern
Both former directors of the Cybersecurity and Infrastructure Security Agency (CISA) have criticized the Trump administration for making budget cuts that reduced national cyber readiness. These reductions, they argue, leave U.S. infrastructure more vulnerable in the face of threats like those posed by Iran.
Iran Imposes Severe Internet Restrictions
In a defensive move, Iranian authorities are restricting internet access to mitigate Israeli and U.S. cyberattacks. Starting June 17, internet traffic dropped significantly, according to NetBlocks and Kentik.
Access to foreign sites and services like WhatsApp was blocked. Iran’s Ministry of Communications urged citizens to uninstall WhatsApp, claiming it aids Israeli intelligence.
Mobile data was also throttled in many regions, making navigation apps like Google Maps and emergency communications unavailable. This has impacted evacuation efforts and left citizens digitally isolated.
National Information Network Push Raises Trust Concerns
In response to outages, the Iranian government is promoting its National Information Network (NIN)—a closed domestic internet platform. However, many Iranians distrust its surveillance and data handling practices.
Citizens are expressing concern over privacy violations, censorship, and lack of access to global platforms during a time of crisis.
What Comes Next: Escalation or Cyber Deterrence?
While Iran’s immediate cyber retaliation may focus on Israeli targets, U.S. networks remain at high risk due to perceived complicity. DHS has urged critical infrastructure organizations to immediately harden their cybersecurity posture.
With internet disruptions inside Iran, growing proxy threats in the Middle East, and weakened U.S. cyber defenses, experts warn that a surge in cyber conflict could be on the horizon.
Key Takeaways
DHS warns of imminent cyberattacks from Iran after U.S. airstrikes.
Iran’s cyber groups may target banking, energy, and federal systems.
Past attacks show Iran’s willingness to retaliate via cyberspace.
U.S. cybersecurity readiness is under scrutiny due to budget cuts.
Internet restrictions in Iran may signal internal panic and strategic isolation.
For more: Iranian cyberattacks after U.S. strikes