Cyber Command and Revolutionary Guard spar in cyberspace.
US Cyber Command is said to have conducted offensive operations against Iranian targets as a reprisal for Tehran's attacks on commercial shipping in the Gulf of Oman, and for the shootdown of a US Global Hawk unmanned drone. Yahoo, which broke the story, said the attacks were directed against an Iranian intelligence unit responsible for supporting attacks against shipping by tracking tanker traffic.
The Washington Post added details about the alleged US cyberattack, reporting that US Cyber Command had disabled Iranian missile command and control systems in the region, which would be a direct riposte to the Global Hawk shootdown. US Central Command and the US Navy have referred inquiries to Cyber Command, which declines to comment for reasons of operational security. Fox News says Iran has promised a "firm" response to any American "aggression."
Last Saturday, the US Cybersecurity and Infrastructure Security Agency (CISA) warned that Iran has increased the tempo of its cyberattacks against US targets, and that destructive wiper attacks could be expected. These typically gain access to target networks through familiar criminal methods, particularly phishing, password spraying, and credential stuffing. CISA's advice for defense is here.
Washington and Tehran barked over the week, but (beyond new US sanctions directed against Iranian leaders) did not bite, at least not publicly (Wall Street Journal). President Trump warned Iran not to overestimate American patience or restraint. For its part Iran pointed out that it could knock down an American drone any time it decided to do so, and that "the enemy knows it" (Washington Post).