A group of Iranian hackers has taken down an American government website and have left a message claiming that they work for the Iranian state. The tensions between the US and Iran are now shifting to the cyber world as well, as the hackers claim retaliation for the death of the Iranian general Soleimani.

The Federal Depository Library Program was the target of the hack. The message addressed the US in slightly broken English:

“This is message from Islamic Republic of Iran. We will not stop supporting our friends in the regions, the oppressed people of Palestine, the oppressed people of Yemen, the people, and the Syrian government, the people and government of Iraq, the oppressed people of Bahrain, the true mujahideen resistance in Lebanon and Palestine. (…) This is only a small part of Iran’s cyber ability. We’re always ready. To be continued.”

There is no evidence yet that the attack was actually carried out by order of the Iranian state. However, retaliation for the drone attack that killed Soleimani is expected to take this form, in part. So an Iranian cyber attack could well be a state order.

Capacities built up

Chris Morales, Head of Security Analytics at cybersecurity firm Vectra AI, told SiliconAngle that Iran used cyber attacks as part of its strategy some ten years ago. Since the country’s nuclear centrifuges were hit by the Stuxnet virus in 2010, the country has built up its capabilities considerably.

“Cyber offensive actions have been ongoing and instigated by both sides through that time period,” Morales said. “Iran is not as sophisticated in its cyber capabilities as it primarily leverages black market malware as opposed to the customer built malware used by U.S. and Israel cyber command. I do think Iran would prompt a cyberstrike, but they also would measure that response with the threat they know they face from a US ongoing offensive.”