First potential Suleimani revenge attack hits US cyberspace

Iranians attend the funeral ceremony of slain Iranian Revolutionary Guards Corps (IRGC) Lieutenant general and commander of the Quds Force Qasem Soleimani and of other victims in Tehran, Iran, 06 January 2020. Soleimani was killed in a targeted US airstrike on 03 January 2020 in Baghdad, Iraq. [EPA-EFE/ABEDIN TAHERKENAREH]

The US Department of Homeland Security (DHS) is monitoring the hacking of a government website, which may have been conducted in response to the US drone strike that killed Iranian military commander Qassim Suleimani at Baghdad airport on Friday (3 January).

Over the weekend, hackers defaced the website of the US Federal Depository Library Program (FDLP), with what Sara Sendek, a spokesperson for DHS’ Cybersecurity and Infrastructure Security Agency said is “pro-Iranian, anti-US messaging.”

The image and text, which has since been taken down, featured a doctored image of President Donald Trump bleeding from the mouth, whilst being hit in the face by an individual clad in Islamic Revolutionary Guard attire.

The picture was accompanied by a message claiming that the defacement was conducted by the Islamic Republic of Iran, and that the FDLP site was “Hacked by Iran Cyber Security Group HackerS.”

“Martyrdom was (Suleimani’s)…reward for years of implacable efforts,” the text on the graphic read. “With his departure and with God’s power, his work and path will not cease and severe revenge awaits those criminals who have tainted their filthy hands with his blood and blood of the other martyrs.”

The text also claimed that is was only a small example of Iran’s cyber ability, in an apparent warning of things to come.

Meanwhile, the DHS has issued warnings about the likelihood of cyberattacks against the US following last week’s targeted killing of Suleimani, for which Tehran has vowed “forceful revenge”.

A National Terrorism Advisory System (NTAS) alert published on Saturday read that “Iran maintains a robust cyber program and can execute cyberattacks against the United States.”

“Iran is capable, at a minimum, of carrying out attacks with temporary disruptive effects against critical infrastructure in the United States,” the statement added.

However, the DHS’ Sendek was reluctant to preemptively attribute the weekend’s hack to the Iranian authorities, saying that so far, “there is no confirmation this was the action of Iranian state-sponsored actors.”


This stakeholder supports EURACTIV's coverage of Cybersecurity. This support enables EURACTIV to devote additional editorial resources to cover the topic more widely and deeply. EURACTIV's editorial content is independent from the views of its supporters.


Subscribe to our newsletters