A hacker identifying themselves as an “Iranian hacker” defaced the state’s agricultural agency homepage with an image of Qassem Soleimani, a high-ranking Iranian general killed in a U.S. drone strike last week in Baghdad.
The Texas Department of Agriculture’s website was briefly defaced Tuesday morning with an image of a high-ranking Iranian general killed in a recent U.S. drone strike.
The brief changes to the agency's website showed the words "Hacked by Iranian Hacker" and "Hacked by Shield Iran x #theloserteam," and a black-and-white image of Iranian Maj. Gen. Qassem Soleimani, who was killed in Baghdad Friday.
Department of Information Resources (DIR) Executive Director Amanda Crawford said attempts traced back to the Middle East have spiked in the last 48 hours, averaging a rate of about 10,000 per minute. Crawford said the geographic increase is due to retaliatory efforts for a drone strike authorized by President Donald Trump.
Crawford said none of the probes has been successful, but self-described Iranian hackers have claimed responsibility for the defacement of the state’s Department of Agriculture website, which is not hosted by DIR.
So apparently the Texas Department of Agriculture website has been hacked... pic.twitter.com/gfFNFGyKuK— José Santos Portugal (@JSPortugal3) January 7, 2020
Maddison Jaureguito, a spokeswoman with the Department of Agriculture, said the cyberattack was not a hack, and said that staff have addressed the issue. Jaureguito added that the incident is under investigation by state and federal agencies.
Texas Gov. Greg Abbott also acknowledged the uptick in attempted cyberattacks from Iran on state agencies during a roundtable discussion Tuesday with the Domestic Terrorism Task Force.
In response to a similar defacement of U.S. Federal Depository Library Program, the U.S. Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) issued advisories warning state, county and local governments of the cyberthreat.
“As described in the recent NTAS bulletin, in these times of increased threats, all organizations should increase monitoring, back up your systems, implement multi-factor authentication, and have an incident response plan at the ready,” a CISA spokesperson wrote in an email to Government Technology.
While it remains unknown if the recent slough of cyberattacks are being conducted by state-sanctioned hackers, experts worry that Iranian hackers may eventually move onto larger targets, such as infrastructure or ransomware.