Desperate Iranian mullahs could lash out at America by ordering deadly cyber attacks on our dams and electricity grids – or even terror attacks from ‘sleeper cells’, security experts are warning.
DailyMail.com spoke to former top diplomats, cybersecurity and national security experts who said that although the Iranian regime is on the back foot and reeling from Israeli bombardment, it still has the ability to wreak havoc on US soil.
A former senior diplomat who had extensive Top Secret security briefings on Iran told DailyMail.com that the new ‘hot war’ between Iran and Israel, and Ayatollah Khamenei’s increasingly desperate position, has ratcheted up the risk of the regime taking drastic action in the US.
‘I can’t imagine, seeing how this war is going, that Iran is going to hold back,’ said the top ex-US official, who spoke on condition of anonymity.
‘They’re running out of options, and this is one of the areas in which they’ve unfortunately been quite effective.
‘You can’t manufacture new missiles or centrifuges overnight. But you can empower whatever proxies are remaining to act with even more deadly results.
‘Assassination attempts, terror attacks, they will of course still try to do those things. It’s no secret they have made assassination attempts on US soil, in Washington DC.
‘Their capabilities for doing so are becoming less both because of their degrading situation, and also because we’re on much higher alert here in DC.
‘But if they employ hacking capabilities on mass infrastructure, our energy grid, our nuclear facilities, major dams, these are all things that are vulnerable.’
The former top State Department official said Iran had been pouring money for years into political opposition to US Iran hawks and promoting critiques of its enemies such as Israel on university campuses.
But a hail-Mary strategy for the regime could see Iranian government-backed online activity turn to more dangerous hacking.
‘It’s not just about stoking up anti-American fervor on campus. It’s also about finding the weakest parts of the systems that keep us all safe,’ the ex-official said.
‘You don’t need to bomb trains. You could just have the signals mixed up due to a digital hack and have them run into each other.’
Rex Booth, who worked as the chief of cyber threat analysis at the government’s Cybersecurity and Infrastructure Agency, gave a stark warning that Iran’s hackers have already infiltrated critical US infrastructure.
‘They have a demonstrated ability of infiltrating infrastructure and remaining there undetected for extended periods of time,’ he told DailyMail.com.
Booth pointed to a 2013 hack of the control center of the Bowman Avenue Dam in Westchester County, New York by hackers working for Iran’s Revolutionary Guard Corps.
Disaster was averted by luck, as the dam’s sluice gate was offline for maintenance at the time. But it was a chilling example of exposed infrastructure.
‘The idea is that they can open dams, release water when they’re not supposed to, and potentially cause, depending on how the dam is situated, catastrophic consequences downstream,’ Booth said.
‘We learned, based on observations that the private sector makes as well as government has made, that there is substantial intrusion into our national critical infrastructure by a variety of nation-state actors.
‘And our visibility into that intrusion, we know is limited. We know it’s happening, we see a portion of it, but we suspect that’s a pretty small percentage.
‘So when we go to engage adversarial nations in conflict, we have to do so with the knowledge that we don’t have full visibility into the extent of the infiltration of these nations into our systems that we depend on day in, day out. And with that comes real risk.’
Oregon Senator Ron Wyden has railed against outdated and vulnerable security systems for private dams in his state, stating in a congressional hearing last year: ‘I don’t want to wake up to a news report about a small town in the Pacific Northwest getting wiped out because of a cyberattack against a private dam upriver.’
In 2024, the Federal Energy Regulatory Commission (FERC) had just four full-time employees tasked with overseeing 2,500 dams across the US and had not updated its cybersecurity requirements for commercial dam operators since 2016.
FERC proposed new cybersecurity standards in September but has not yet implemented them.
National security consultant EJ Kimball told DailyMail.com there is ‘certainly a risk that the Iranians may escalate things regarding the US.’
‘The FBI has reported in congressional testimony over the years about Iranian support networks operating inside the US,’ added Kimball, who works as Director of Christian Outreach and Engagement for the nonprofit Combat Antisemitism Movement.
‘It’s certainly a big risk that those networks could be activated to carry out terrorist attacks here.
‘We know that Hezbollah has been operating in the US for over 25 years, probably over 30 years at this point. Hezbollah is controlled by Iran.’
But Kimball added that Israel had been so effective in its lightning assassinations of Iranian and Hezbollah military leaders that potential terrorists may not know who to take orders from anymore.
‘Obviously a desperate regime will lead to desperate measures being taken. But those can only be taken if someone is there to give the orders,’ he said.
‘If you’re one of those sleeper cells in the United States that’s been here, you would have to be a die hard to actually move forward with it, because there is essentially no path to victory for the Iranian cause.
‘The quicker that this war with Iran ends, the less likelihood that those agents would actually activate.’
‘There’s a lot of bluster. The question is, what is their actual capability? We have to plan for the worst, but expect the best,’ Kimball said.