Apparent Pro-Iran Hackers Deface Federal Library Program Site

There is no confirmation yet that Iranian state-sponsored actors were behind the hack, a Department of Homeland Security spokesperson said

Nicolas Armer/picture alliance via Getty Images

The website for a federal library program was hacked by an apparent pro-Iranian group late Saturday night, officials said.

A spokesperson for the U.S. Government Publishing Office (GPO) said an intrusion was detected on the website for the Federal Depository Library Program and that the site was later taken down.

"GPO’s other sites are fully operational," GPO Spokesperson Gary Somerset told NBC. "We are coordinating with the appropriate authorities to investigate further."

A screenshot of the hacked site, which has since gone offline, shows a drawing of President Donald Trump with blooding dripping from his teeth after being punched by a fist representing Iran.

A message on the compromised site said the hack was only "a small part of Iran's cyber ability."

The Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) said it was also aware that the site had been defaced with "pro-Iranian, anti-US messaging."

"At this time, there is no confirmation that this was the action of Iranian state-sponsored actors," a CISA spokesperson said in a statement. "CISA is monitoring the situation with FDLP and our federal partners."

CISA also reminded organizations that "in these times of increased threats" they should increasingly monitor their sites for cyberattacks, back up data and use multi-factor authentication to protect account and login information.

The White House and FBI declined to comment.

Although it's still unclear if the Iranian government was behind the hack of the Federal Depository Library Program site, the attack sheds light on experts' concerns about how Iran would respond to the United States' targeted killing of its top commander.

Security experts warned Friday that Iran’s retaliation for the killing early Friday in Iraq of Quds Force commander Gen. Qasem Soleimani would likely include cyberattacks.

In 2012 and 2013, in response to U.S. sanctions, Iranian state-backed hackers carried out a series of disruptive denial-of-service attacks that knocked offline the websites of major U.S. banks including Bank of America as well as the New York Stock Exchange and NASDAQ. Two years later, they wiped servers at the Sands Casino in Las Vegas, crippling hotel and gambling operations.

The destructive attacks on U.S. targets ebbed when Tehran reached a nuclear deal with the Obama administration in 2015. The killing early Friday in Iraq of Quds Force commander Gen. Qassam Soleimani — long after Trump scrapped the nuclear deal — completely alters the equation.

“Our concern is essentially that things are going to go back to the way they were before the agreement,” John Hultquist, director of intelligence analysis at the cybersecurity firm FireEye, told the Associated Press. “There are opportunities for them to cause real disruption and destruction.”

Contact Us