Publicly Reported Iranian Cyber Actions in 2019

This is a list of the cyber actions undertaken by Iran in 2019 that we know of (there are probably others). Iran's hackers have improved every year since 2010. They practice regularly with attempted attacks against their neighbours (and Iran uses Hezbollah and Hamas as proxies for cyber actions, which could give them a degree of deniability if they choose to act). While still not a peer of the United States or other leading cyber powers, Iran is active and skillful. Iranian hackers have probed U.S. critical infrastructure (like pipelines and dams). The two "attacks" they've carried out in the continental United States were denial-of-service attacks on big banks—not particularly damaging—and the attack on the Sands Casino, which damaged its computer networks. Iran does not lack the cyber capability to attack U.S. targets, so the choice of whether to use it is a strategic calculation of benefit and risk for Iran's leaders.

  • Iranian hackers targeted the accounts of employees at major manufacturers and operators of industrial control systems.
  • Iranian hackers targeted more than 170 universities around the world between 2013 and 2017, stealing $3.4 billion worth of intellectual property and selling stolen data to Iranian customers.
  • Iranian hackers conducted a series of attacks against the Trump campaign as well as current and former U.S. government officials, journalists, and Iranians living abroad.
  • Networks at several Bahraini government agencies and critical infrastructure providers were infiltrated by hackers linked to Iran.
  • An Iranian hacking group targeted LinkedIn users associated with financial, energy, and government entities operating in the Middle East.
  • U.S. Cyber Command warned that government networks were being targeted with malware associated with a known Iranian hacking group.
  • A suspected Iranian group was found to have hacked into telecommunications services in Iraq, Pakistan, and Tajikistan.
  • Iran developed a network of websites and accounts that were being used to spread false information about the United States, Israel, and Saudi Arabia.
  • Iranian hackers reportedly undertook a hacking campaign against banks, local government networks, and other public agencies in the United Kingdom.
  • An Iranian cyber espionage group targeted government and industry digital infrastructure in Saudi Arabia and the United States.
  • Iran's intelligence service reportedly hacked into the cellphone of Benny Gantz, former Israeli Defense Forces chief of general staff and Israeli politician, ahead of Israel's April elections.
  • Iranian hackers targeted thousands of people at more than 200 oil and gas and heavy machinery companies across the world, stealing corporate secrets and wiping data from computers.
  • Iranian hackers have been targeting the telecom and travel industries since at least 2014 to surveil and collect the personal information of individuals in the Middle East, United States, Europe, and Australia.
  • Iran engaged in a multiyear, global Domain Name System hijacking campaign targeting telecommunications and internet infrastructure providers as well as government entities in the Middle East, Europe, and North America.