On June 22, 2025, the U.S. Department of Homeland Security (DHS) issued a National Terrorism Advisory System (NTAS) Bulletin highlighting potential cyber threats to U.S. networks, citing likely activity from pro-Iranian hacktivists and state-affiliated cyber actors.
The bulletin was released shortly before a ceasefire was publicly announced between Israel and Iran.
Though the ceasefire has led to a reduction in direct military hostilities, DHS has not modified or withdrawn its advisory. Instead, the agency reaffirmed the possibility of retaliatory cyber activity against the United States.
This advisory serves as a federal-level acknowledgment of ongoing cyber risk and outlines preparedness steps for federal, state, and local authorities, as well as private sector stakeholders.
Why It Matters: The DHS bulletin is significant not for identifying an imminent attack, but for formally recognizing cyber operations as a persistent threat vector tied to geopolitical dynamics. The advisory draws attention to infrastructure vulnerabilities and emphasizes the importance of ongoing cybersecurity vigilance across sectors.
- Identified Threat Vectors: The NTAS bulletin specifically warns of probable cyber threats by non-state and state-aligned pro-Iranian actors. These include “low-level” disruptions such as defacement or denial-of-service attacks and more sophisticated intrusions potentially tied to state intelligence operations.
- Critical Infrastructure Risk: Although the advisory does not single out sectors, cybersecurity experts cited in related reporting have highlighted power grids, water treatment plants, hospitals, and financial services as common targets in prior cyber campaigns involving Iranian-linked threat actors.
- Cybersecurity Advisory Scope: The DHS bulletin was accompanied by outreach from agencies like the Cybersecurity and Infrastructure Security Agency (CISA), urging organizations to bolster network defenses, ensure up-to-date patching, and adopt multi-factor authentication to mitigate breach risks.
- Cyber Threat Trends: Cybersecurity firm Radware reported a 700% spike in cyberattacks on Israeli infrastructure following regional military actions, demonstrating the scalability and immediacy of such digital campaigns. While this data pertains to Israel, it is referenced in the broader context of increased cyber hostility from related actors.
- Preparedness and Public Guidance: DHS recommends that organizations monitor their systems for unusual activity and promptly report incidents to the FBI or local fusion centers. The bulletin also encourages the public to practice good cyber hygiene, such as avoiding phishing scams and using strong passwords.
Go Deeper -> DHS Issues National Terrorism Advisory System Bulletin Amid Israel-Iran Conflict – DHS
US officials issue warning on heightened threats from Iran – USA Today
700% spike in cyberattacks on Israel since strike on Iran – Radware – The Jerusalem Post
