US officials, lawmakers warn of potential Iranian cyberattacks

US officials, lawmakers warn of potential Iranian cyberattacks

Senior government officials and lawmakers warned Friday that Iran may attempt to carry out cyberattacks against the U.S. in retaliation for the killing of Quds Force commander Qassem Soleimani.

"The Iranians have a deep and complex cyber capability, to be sure. Know that we have certainly considered that risk,” Secretary of State Mike PompeoMichael (Mike) Richard PompeoOvernight Defense: Esper confirms plans to drop below 5,000 troops in Afghanistan | State Department says it's cleared of wrongdoing in emergency arms sales before investigation's release State says it will be cleared by watchdog report US 'deeply concerned' over election in Belarus MORE said on Fox News.

His remarks came the same day that Iranian Supreme Leader Ayatollah Ali Khamenei said a “harsh retaliation is waiting” for the U.S. after President TrumpDonald John TrumpTeachers union launches 0K ad buy calling for education funding in relief bill FDA head pledges 'we will not cut corners' on coronavirus vaccine Let our values drive COVID-19 liability protection MORE ordered a drone strike in Baghdad that killed Soleimani.


Lawmakers said the strike has raised the odds of possible attacks from Iran, long-identified as one of the top international cyber threats to the U.S.

House Homeland Security Committee Chairman Bennie ThompsonBennie Gordon ThompsonProgressive Caucus co-chair: Reported oversight change in intelligence office 'seems a bit...fascist' House lawmakers to launch probe into DHS excluding NY from Trusted Traveler Program Cuomo says Wolf, Cuccinelli violated oath of office and should be investigated MORE (D-Miss.) told The Hill in a statement that “President Trump’s reckless actions in the Middle East have made us less secure and risk serious consequences for the security of the homeland by escalating an already volatile situation. We have to be vigilant.”

Rep. Elissa SlotkinElissa SlotkinPaul Junge wins Michigan GOP primary to challenge Elissa Slotkin Overnight Defense: US formally rejects Beijing's South China Sea claims | House set to consider defense policy bill next week | 57 injured as firefighters battle warship blaze House Democrat warns about 'inaccurate' polls: Trump voters 'fundamentally undercounted' MORE (D-Mich.), who formerly worked as a CIA analyst and served three tours in Iraq focused on Iran-backed militias, also strongly warned of the potential for attacks on the U.S.

“The Iranian government has vowed to retaliate and avenge Soleimani’s death, and could do so in any number of ways: against our diplomats and service members or high-ranking military officers, against our allies and partners in the region, or through targeted attacks in the Western world,” Slotkin said in a statement. “It is critical that the Administration has thought out the moves and counter-moves this attack will precipitate.”

Both Thompson and Slotkin have been heavily involved in drafting and advancing cybersecurity legislation.

Rep. John KatkoJohn Michael KatkoCongress must deliver aid and empower localities to continue assisting in COVID-19 response Lawmakers zero in on Twitter following massive hack Democrat Dana Balter to face Rep. John Katko in NY House rematch MORE (N.Y.), the top Republican on the Homeland Security Committee's cybersecurity subcommittee, said in a statement that “we must remain focused on keeping this country safe from retaliation – not only on the ground in the Middle East and here at home, but from potential cyberattacks against our nation.”


Top officials at the Department of Homeland Security (DHS) met over the past two days to discuss any potential threats stemming from Thursday's deadly airstrike, according to acting Secretary Chad WolfChad WolfSenate Democrats demand answers on migrant child trafficking during pandemic Watch live: Acting DHS chief testifies on deployment of federal agents to protests The Hill's Morning Report - Presented by the Air Line Pilots Association - Key 48 hours loom as negotiators push for relief deal MORE.

“While there are currently no specific, credible threats against our homeland, DHS continues to monitor the situation and work with our Federal, State and local partners to ensure the safety of every American,” Wolf said in a statement.

Christopher Krebs, who serves as director of the Cybersecurity and Infrastructure Security Agency (CISA) at DHS, urged Americans to exercise caution in cyberspace.

Krebs tweeted Thursday night that he was “re-upping” a warning put out by CISA last year regarding Iranian cyberattacks, and said Americans should be vigilant online.

CISA said in June it was aware that Iran had stepped up its cyberattacks against federal agencies and other critical groups. The statement followed reports that U.S. cyber forces had targeted and taken down Iranian military computer systems following Iran’s shooting down of an American surveillance drone.

Krebs said at the time that “Iranian regime actors and proxies are increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.”

On Friday, New York City Mayor Bill de BlasioBill de BlasioDozens of state, local health leaders fired or resigned amid pandemic: report The Hill's Morning Report - Presented by the Air Line Pilots Association - Key 48 hours loom as negotiators push for relief deal Overnight Health Care: Fauci says family has faced threats | Moderna to charge to a dose for its vaccine | NYC adding checkpoints to enforce quarantine MORE (D) sounded the alarm of potential attacks.

“The problem here is if we end up in a shooting war, then you can expect things like cyberattacks on a level we have never seen before," he said on MSNBC. "And, unfortunately, Iran is a serious, serious adversary when it comes to cyber.”

John Hultquist, director of intelligence analysis at cybersecurity firm FireEye, told The Hill in a statement that the company was “anticipating an elevated threat from the Iranian cyberthreat actors.”

“We will probably see an uptick in espionage, primarily focused on government systems,” Hultquist said, adding that he “also anticipates disruptive and destructive cyberattacks against the private sphere.”

Hultquist said FireEye is “concerned that attempts by Iranian actors to gain access to industrial control system software providers could be leveraged to gain widespread access to critical infrastructure simultaneously.”

Other tech firms have previously warned about aggression in cyberspace from Iran.


In October, Microsoft said that a U.S. presidential campaign, which Reuters identified as Trump's, was targeted by Iranian cybercriminals. The same cyber group also targeted 2,700 other Microsoft email accounts, but ultimately only gained access to four. Trump campaign emails were not among those compromised.

Jake Olcott, a vice president at the cybersecurity group Bitsight and former counsel for the House Homeland Security Committee, told The Hill that in order to counter potential cyberattacks from Iran, it may boil down to both government and industry paying attention to stepping up “basic” cybersecurity protections.

“The bad guys don’t have to develop sophisticated ways of breaking in because people are not doing the basics,” Olcott said. “It’s about knowing outdated browsers and operating systems that are on your network, it’s knowing which systems are at end-of-life, systems that need to be patched, systems that need to be updated.”

Olcott emphasized that “it’s the basic hygiene, and that is what critical infrastructure organizations need to be focused on today.”