The number of hacking attempts on the United States' federal, state, and local government websites jumped by a staggering amount this week following the assassination of Iranian military leader Qasem Soleimani.
According to state government officials and network security firm Cloudflare, Iran-based hacking attempts to breach the country's computer networks jumped by over 50 percent following the US-led airstrike in Iraq. The number of hacking attacks then continued to intensify in the days that followed.
A report published by Cloudflare revealed that it had tagged nearly half a billion hacking attempts from Iran-based IP addresses over the first 48 hours right after the US airstrike last week at the Baghdad International Airport. The attacks from Iran-based IP addresses were nearly three times the amount when compared to targets from the rest of the world.
Cloudflare CEO, Matthew Prince, mentioned in an interview that the surge in the number of hacking attempts was statistically significant. Prince added that the actual amount of attacks on US-based networks is likely higher as the company only has a limited view of the wider Internet.
Apart from Iran-based hacking attempts, Cloudflare also reported a spike in the number of attacks traced to other countries. The company speculated that Iranian hackers likely masked their locations, while non-Iranian groups took advantage of the situation to mask their alternative intentions. Prince pointed out that the ability to mask locations is an indication of how sophisticated Iranian hackers have become.
The majority of the attacks were "denial of service" attempts, which aimed to shut down websites by overwhelming services with false traffic. Other attempts were simply networking probes, likely trying to find vulnerabilities in US networks.
A number of hacks were successfully, but fortunately not of them were serious. This week, the websites of the Texas Department of Agriculture and an Alabama veterans' group were defaced. Hackers posted an image of Soleimani on the websites, with a message that stated that it was placed there by Iranian hackers.
A website belonging to the Government Publishing Office was also defaced just hours after the US-led airstrike. Hackers managed to post an image of US President Donald Trump with a bloodied face on the home page of the website. Security experts and government authorities have launched separate investigations into the cyber attacks.
Cybersecurity experts have all agreed that the successful attacks were the work of amateurs that took advantage of less secure websites. The hackers likely were not capable of breaking into more secure networks and simply settled on less serious attacks. Nevertheless, the Department of Homeland Security has issued several warnings to businesses and infrastructure operators to be on high alert, given the current situation between Iran and the United States.
