CHARLOTTE, N.C. — Cybersecurity experts, federal, and state governments are warning everyone to be on the lookout for digital attacks after a tit-for-tat between the U.S. and Iran.
"Iran is considered one of the four leading cyber adversaries in the world," said Dr. Jon Haass, dean of the Security and Intelligence School at Embry Riddle in Prescott, Arizona, speaking with sister station KPNX-TV.
"One of the things that could surprise us is finding the places that were weak," he said, although he believed the U.S. is ready for a cyber attack.
Governors of both North and South Carolina said state agencies are on alert and residents should be, too.
"To be forewarned is to be forearmed," said Governor Henry McMaster at a press conference Wednesday.
On Tuesday, Governor Roy Cooper said he was, "urging the public to be vigilant of phishing emails, ransomware attacks and other cyber-threats, following recent world events."
"It's scary, this is scary," said Vice President of Cyber World Institute Garvin Bushell.
He was reacting to sister station KSNV-TV after the City of Las Vegas was nearly hacked on Tuesday. Officials in Sin City still don't know who the culprit was, but Bushell believes it could've been Iran.
"I 100% believe that it's part of it," Bushell said.
Iran has struck before. From 2011 to 2012, they targeted and hit U.S. banks and locked customers out of their accounts because of it.
In 2013, they accessed a dam's control system in New York.
They could target those same sectors again, hitting your wallet or perhaps even impacting how you travel.
Some cyber experts warn they could go for other vulnerable targets as well, carrying out a cyber operation to hit finance, electrical, telecom, air traffic control, and even corporations.
"The Iranian cyber capabilities are much more mature now, much more aggressive and in the past have demonstrated the ability to not only attack systems and disrupt them as with American banks but also to get into systems to destroy them," said Juan Zarate, a NBC News security analyst.
Governor Cooper is urging everyone to take the following security steps:
- Be suspicious of unsolicited emails. Whether it’s a request for donations or just information about the people in your family or agency, cybercriminals can use details you provide in potential scams.
- Follow up, if necessary. Even if you know and trust the sender, contact them by phone or in person if an email seems out of the ordinary, like a request for money or sensitive information.
- Think before you click. Links and attachments in suspicious emails could compromise your online security and that of your organization. If there’s any doubt, check with the sender first.
- Pay attention to web and email addresses. Malicious websites can look identical to trusted sites, but the URL or email address might use a different spelling or domain (e.g., .net instead of .com).
- Visit and download information only from trusted sources. When in doubt, avoid a website until you can confirm its legitimacy, especially if you’re on a mobile device, where it’s often more difficult to tell.
- Protect your personal information. Avoid sending sensitive, personal identifiable information (e.g., Social Security numbers) or passwords in email – regardless of the recipient – unless you use encryption.
- Keep software up to date. Make sure your computer and mobile devices are running the latest version of operating systems and anti-virus software and that you are using the latest version of your web browser.