SPONSORED:

Senators set for briefing on cyber threats from Iran

Senators set for briefing on cyber threats from Iran
© Greg Nash

Senators on the Homeland Security and Governmental Affairs Committee were set to receive a classified briefing Tuesday on threats from Iran, including the possibility of a retaliatory cyberattack in response to the killing of Iranian Gen. Qassem Soleimani.

Committee members were to be briefed by officials from the Department of Homeland Security (DHS).

“I will confirm we are holding it,” Senate Homeland Security Committee Chairman Ron JohnsonRonald (Ron) Harold JohnsonSenators battle over Supreme Court nominee in rare Saturday session Sunday shows preview: Trump, Biden gear up for final sprint to Election Day Two Loeffler staffers test positive for COVID-19 MORE (R-Wis.) told The Hill. He said it would “run the full spectrum of what they are preparing themselves for,” including potential cyberattacks.

ADVERTISEMENT

Sen. Gary PetersGary Charles PetersThe Hill's Campaign Report: 2020 spending wars | Biden looks to clean up oil comments | Debate ratings are in Jaime Harrison raises million in two weeks for South Carolina Senate bid BlackPAC rolls out Senate race endorsements for the first time MORE (D-Mich.), the top Democrat on the committee, also confirmed the briefing was taking place, and added that cyberattacks on the U.S. are “certainly a very probable option [Iran] will exercise.”

“It’s about making sure we are working with private industry throughout the country as well, particularly critical infrastructure, to make sure they are engaged,” Peters said. 

Both DHS and the Cybersecurity and Infrastructure Security Agency (CISA) have issued bulletins this week warning of the heightened potential for Iran to attack the U.S. through both cyber and physical means. They have emphasized that they have “no information indicating a specific, credible threat to the Homeland.”

“Iran and its proxies and sympathizers have a history of leveraging cyber and physical tactics to pursue national interests, both regionally and here in the United States,” CISA wrote in a memo on Monday night. 

“CISA strongly urges you to assess and strengthen your basic cyber and physical defenses to protect against this potential threat,” the agency wrote.

ADVERTISEMENT

A wider briefing is due to take place on Wednesday, when the full Senate will be briefed in a classified setting by government officials on Iranian threats.

Iran has long been counted by members of Congress and the U.S. government as one of the main nation states posing a cyber threat to the U.S., alongside Russia, China and North Korea.

The 2019 Worldwide Threat Assessment, compiled by former Director of National Intelligence Daniel Coats and presented to the Senate Intelligence Committee last year, found that Iran had attempted to deploy cyberattack capabilities that would allow it to attack “critical infrastructure in the United States and allied countries.”

The assessment noted that Iran has the capability to launch cyberattacks that cause “localized, temporary disruptive effects—such as disrupting a large company’s corporate networks for days to weeks.”

Sen. Ron WydenRonald (Ron) Lee WydenPlaintiff and defendant from Obergefell v. Hodges unite to oppose Barrett's confirmation Senate Democrats call for ramped up Capitol coronavirus testing House Democrats slam FCC chairman over 'blatant attempt to help' Trump MORE (D-Ore.), a member of the Senate Intelligence Committee, told reporters on Tuesday that Iran’s unpredictability made it a threat.

“I’m not going to get into specifics because I am on the Intelligence Committee, but what I will tell you is the history of Iran is they are unpredictable, they use militias, they use proxies, they are unpredictable,” Wyden said.

Earlier this week, the first signs of potential Iranian cyberattack appeared when the homepage of the Federal Depository Library Program was briefly defaced with a picture of President TrumpDonald John TrumpFox News president, top anchors advised to quarantine after coronavirus exposure: report Six notable moments from Trump and Biden's '60 Minutes' interviews Biden on attacks on mental fitness: Trump thought '9/11 attack was 7/11 attack' MORE being punched in the face by a person wearing an Islamic Revolutionary Guard Corps symbol. Text under the picture read “Hacked by Iran Cyber Security Group Hackers. This is only a small part of Iran's cyber ability! We're always ready.”

During an appearance at the Council on Foreign Relations on Tuesday, Sen. Angus KingAngus KingSenate Democrats hold talkathon to protest Barrett's Supreme Court nomination Democratic Senate emerges as possible hurdle for progressives  Collins says running as Independent 'crossed my mind' MORE (I-Maine), the co-chairman of the Cyberspace Solarium Commission, called for the government to bring in cyber experts to try to hack U.S. systems to find vulnerabilities.

“I want the most bloodthirsty, vicious, brilliant hackers in the world working for us, trying to hack our own network so they can tell our network people, whether they are at the Department of Defense, the CIA, the White House, or Congress where the problems are,” King said. “I think that’s a principle that we ought to be pushing both within the federal government and in the private sector.”

Top officials and experts have warned in recent days that Iran may seek to target the U.S. through attacking critical infrastructure, such as the oil and gas and electricity sectors, along with industrial control systems.

Cybersecurity group Crowdstrike said in a statement on Monday that it has been monitoring potential Iranian cyberattacks, and “believes that Iranian adversaries are likely to leverage a broad range of means, including cyber operations, against U.S. and allied interests.” 

The company added that “our current assessment is that organizations in the financial, defense, government, and oil and gas sectors are the most likely targets for retaliation activity.”

Steve Grobman, the senior vice president and CTO of cybersecurity company McAfee, warned Monday that “organizations in the United States and allied countries need to be prepared for potential cyber-attacks given the current tensions with Iran.”

“Attackers can launch cyber warfare campaigns to inflict significant damage or disruption and do so without geographic proximity to their target,” Grobman warned in a statement. “The United States is a target-rich environment for potential cyber-attacks, both in critical infrastructure and across a wide range of business interests.”