Washington (CNN) The Department of Homeland Security has ordered federal agencies to take immediate steps to protect themselves from "hijacking and tampering" cybersecurity incidents in the wake of an ongoing tampering campaign.

DHS said in a statement this week it is aware of a "number of agencies affected" by the campaign. DHS did not indicate who is responsible for the attacks, but the private security firm FireEye said its analysis suggests the attacks are originating from Iran.

Cyberattacks on US institutions are not uncommon, but the incidents referred to in Tuesday's directive might not be detected by typical cyberprotections. The tampering campaign also comes amid concerns about the safety of US institutions during the partial government shutdown, which has resulted in the furloughs of about 13% of the DHS workforce, while many others aren't being paid.

Attackers have redirected and intercepted web and mail traffic by tampering with Domain Name System records, according to the Cybersecurity and Infrastructure Security Agency, the agency that issued the directive. DNS is the system that matches website names to the location of the site online, and manipulating the system could allow attackers to decrypt information and expose user data, CISA said.

"We continue to see evidence suggesting that operators are operating out of Iran, and going after targets that would be of interest to a government" which suggests they are acting "in support of the Iranian government," said Benjamin Read, FireEye senior manager of cyber espionage analysis.

Read More