Last night, Israel initiated “Operation Rising Lion,” a significant wave of airstrikes targeting key Iranian nuclear facilities and military installations, including the main enrichment site at Natanz and various military bases. Reports indicate that these strikes resulted in the deaths of several high-ranking Iranian military officials, including the chief of the Islamic Revolutionary Guard Corp (IRGC) and nuclear scientists. Israel stated these attacks were preemptive to counter an imminent threat from Iran’s nuclear program.

In retaliation, Iran swiftly launched over 100 drones towards Israel. While Israel’s air defenses were reportedly successful in intercepting many of these drones, Iran’s Supreme Leader Ayatollah Ali Khamenei has vowed “severe punishment” and a “harsh response” for Israel’s actions, raising fears of further escalation in the region.

The NJCCIC assesses that heightened geopolitical tensions and military confrontation in the Middle East significantly increase the risk of offensive cyber operations by both nation-states and those sympathetic to them and their ideology. While the primary targets of these cyber activities may be the entities in the conflict, the interconnected nature of our global digital infrastructure means that organizations in New Jersey, regardless of size or sector, could become indirect targets or experience cascading effects.

Recommended Precautions and Vigilance:
While the NJCCIC has not identified any specific or credible cyber threats to New Jersey’s public or private sector cyber infrastructure at this time, we are advising all members to review and reinforce their cybersecurity posture, including taking the following actions:

1. Review Incident Response Plans: Ensure your organization’s incident response plan is up-to-date, tested, and understood by all relevant personnel. Confirm communication channels with internal and external stakeholders (e.g., law enforcement, NJCCIC).
2. Enhance Network Monitoring: Increase vigilance over network traffic for anomalous behavior, unusual login attempts, and suspicious activity, especially on critical systems and external-facing assets.
3. Patch and Update Systems: Immediately apply all critical security patches and updates to operating systems, software, and firmware, prioritizing internet-facing systems and those within critical infrastructure.
4. Strengthen Authentication: Enforce Multi-Factor Authentication (MFA) for all accounts, particularly those for remote access, privileged accounts, and critical business applications. Review and tighten access controls, adhering to the principle of least privilege.
5. Review External Connectivity: Scrutinize and secure all external connections to your network. Disable or restrict access to unnecessary services, ports, and protocols.
6. Back up Critical Data: Ensure all critical data is regularly backed up offline or in a segregated environment and that recovery procedures are tested.
7. Conduct Employee Awareness Training: Remind employees about the heightened risk of phishing, social engineering, and misinformation campaigns. Emphasize vigilance against suspicious emails, links, and attachments.

The NJCCIC will closely monitor the evolving cyber threat landscape and provide further updates as new intelligence becomes available. We encourage all members to report any suspicious cyber activity or confirmed incidents to the NJCCIC immediately.