US officials, lawmakers warn of potential Iranian cyberattacks

US officials, lawmakers warn of potential Iranian cyberattacks

Senior government officials and lawmakers warned Friday that Iran may attempt to carry out cyberattacks against the U.S. in retaliation for the killing of Quds Force commander Qassem Soleimani.

"The Iranians have a deep and complex cyber capability, to be sure. Know that we have certainly considered that risk,” Secretary of State Mike PompeoMike PompeoTrump: 'I can't imagine' any Republican would beat me in 2024 primary if I run Green New Deal's 3 billion ton problem: sourcing technology metals US condemns arrests of pro-democracy activists in Hong Kong MORE said on Fox News.

His remarks came the same day that Iranian Supreme Leader Ayatollah Ali Khamenei said a “harsh retaliation is waiting” for the U.S. after President TrumpDonald TrumpProsecutors focus Trump Organization probe on company's financial officer: report WHO official says it's 'premature' to think pandemic will be over by end of year Romney released from hospital after fall over the weekend MORE ordered a drone strike in Baghdad that killed Soleimani.


Lawmakers said the strike has raised the odds of possible attacks from Iran, long-identified as one of the top international cyber threats to the U.S.

House Homeland Security Committee Chairman Bennie ThompsonBennie Gordon ThompsonLawmakers line up behind potential cyber breach notification legislation NAACP president accuses Trump of having operated under 'white supremacist doctrine' Lawmakers blame SolarWinds hack on 'collective failure' to prioritize cybersecurity MORE (D-Miss.) told The Hill in a statement that “President Trump’s reckless actions in the Middle East have made us less secure and risk serious consequences for the security of the homeland by escalating an already volatile situation. We have to be vigilant.”

Rep. Elissa SlotkinElissa SlotkinTwo men charged with making threatening calls to Michigan officials House Democrats request documents from DHS intelligence office about Jan. 6 attack Lawmakers mull domestic terrorism statute in wake of Jan. 6 attack MORE (D-Mich.), who formerly worked as a CIA analyst and served three tours in Iraq focused on Iran-backed militias, also strongly warned of the potential for attacks on the U.S.

“The Iranian government has vowed to retaliate and avenge Soleimani’s death, and could do so in any number of ways: against our diplomats and service members or high-ranking military officers, against our allies and partners in the region, or through targeted attacks in the Western world,” Slotkin said in a statement. “It is critical that the Administration has thought out the moves and counter-moves this attack will precipitate.”

Both Thompson and Slotkin have been heavily involved in drafting and advancing cybersecurity legislation.

Rep. John KatkoJohn Michael KatkoBiden officials urge patience on immigration amid border surge Lawmakers line up behind potential cyber breach notification legislation Lawmakers blame SolarWinds hack on 'collective failure' to prioritize cybersecurity MORE (N.Y.), the top Republican on the Homeland Security Committee's cybersecurity subcommittee, said in a statement that “we must remain focused on keeping this country safe from retaliation – not only on the ground in the Middle East and here at home, but from potential cyberattacks against our nation.”


Top officials at the Department of Homeland Security (DHS) met over the past two days to discuss any potential threats stemming from Thursday's deadly airstrike, according to acting Secretary Chad WolfChad WolfSunday shows preview: 2024 hopefuls gather at CPAC; House passes coronavirus relief; vaccine effort continues Liberal watchdog group files ethics complaint over Boebert's reimbursements Left-leaning group to track which companies hire former top Trump aides MORE.

“While there are currently no specific, credible threats against our homeland, DHS continues to monitor the situation and work with our Federal, State and local partners to ensure the safety of every American,” Wolf said in a statement.

Christopher Krebs, who serves as director of the Cybersecurity and Infrastructure Security Agency (CISA) at DHS, urged Americans to exercise caution in cyberspace.

Krebs tweeted Thursday night that he was “re-upping” a warning put out by CISA last year regarding Iranian cyberattacks, and said Americans should be vigilant online.

CISA said in June it was aware that Iran had stepped up its cyberattacks against federal agencies and other critical groups. The statement followed reports that U.S. cyber forces had targeted and taken down Iranian military computer systems following Iran’s shooting down of an American surveillance drone.

Krebs said at the time that “Iranian regime actors and proxies are increasingly using destructive ‘wiper’ attacks, looking to do much more than just steal data and money. These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. What might start as an account compromise, where you think you might just lose data, can quickly become a situation where you’ve lost your whole network.”

On Friday, New York City Mayor Bill de BlasioBill de BlasioNY House Democrat calls for Cuomo to resign after latest allegation Third woman accuses Cuomo of unwanted sexual advances Clinton: Allegations against Cuomo 'raise serious questions,' deserve probe MORE (D) sounded the alarm of potential attacks.

“The problem here is if we end up in a shooting war, then you can expect things like cyberattacks on a level we have never seen before," he said on MSNBC. "And, unfortunately, Iran is a serious, serious adversary when it comes to cyber.”

John Hultquist, director of intelligence analysis at cybersecurity firm FireEye, told The Hill in a statement that the company was “anticipating an elevated threat from the Iranian cyberthreat actors.”

“We will probably see an uptick in espionage, primarily focused on government systems,” Hultquist said, adding that he “also anticipates disruptive and destructive cyberattacks against the private sphere.”

Hultquist said FireEye is “concerned that attempts by Iranian actors to gain access to industrial control system software providers could be leveraged to gain widespread access to critical infrastructure simultaneously.”

Other tech firms have previously warned about aggression in cyberspace from Iran.


In October, Microsoft said that a U.S. presidential campaign, which Reuters identified as Trump's, was targeted by Iranian cybercriminals. The same cyber group also targeted 2,700 other Microsoft email accounts, but ultimately only gained access to four. Trump campaign emails were not among those compromised.

Jake Olcott, a vice president at the cybersecurity group Bitsight and former counsel for the House Homeland Security Committee, told The Hill that in order to counter potential cyberattacks from Iran, it may boil down to both government and industry paying attention to stepping up “basic” cybersecurity protections.

“The bad guys don’t have to develop sophisticated ways of breaking in because people are not doing the basics,” Olcott said. “It’s about knowing outdated browsers and operating systems that are on your network, it’s knowing which systems are at end-of-life, systems that need to be patched, systems that need to be updated.”

Olcott emphasized that “it’s the basic hygiene, and that is what critical infrastructure organizations need to be focused on today.”