House Democrats urge financial regulators to defend against Iranian cyberattacks

House Democrats urge financial regulators to defend against Iranian cyberattacks
© Greg Nash

Two House Democrats pushed top financial regulators including the Treasury Department this week to step up their defenses against potential Iranian cyberattacks, with the risk of Iran attacking U.S. critical infrastructure increasing this week following the death of top Iranian Gen. Qassem Soleimani.

Reps. Emanuel Cleaver (D-Mo.) and Gregory MeeksGregory Weldon MeeksHouse passes sweeping defense policy bill Overnight Defense & National Security — Iron Dome funding clears House Overnight Defense & National Security — Presented by AM General — Defense bill takes center stage MORE (D-N.Y.), both of whom serve on the House Financial Services Committee, sent letters to Treasury Secretary Steven MnuchinSteven MnuchinThe Hill's Morning Report - Presented by Alibaba - Biden jumps into frenzied Dem spending talks Former Treasury secretaries tried to resolve debt limit impasse in talks with McConnell, Yellen: report Menendez, Rubio ask Yellen to probe meatpacker JBS MORE and to agencies including the Federal Reserve and the Office of the Comptroller of the Currency asking that they give attention to potential debilitating Iranian cyber threats to the finance sector.

“We urge you, our nation’s financial regulators, to work in coordination with law enforcement and regulated entities to increase sharing of appropriate cyber threat information,” Cleaver and Meeks wrote. “We request that your institutions communicate a strategy to further mitigate existing cyber vulnerabilities within our financial institutions by March 2020.”


The two House Democrats pointed to past Iranian cyberattacks in 2012, when Iran targeted denial of service attacks at Wells Fargo, JPMorgan Chase and Bank of America, which involved overwhelming the companies’ systems by flooding them with internet traffic requests.

The members also cited top government officials, such as those from the Department of Homeland Security (DHS), who in recent days warned of Iran’s ability to successfully target other critical infrastructure in urging the financial regulators to take action.

“In response to the heightened and credible threats as articulated by U.S. national security elements, we urge financial regulators to strengthen their existing financial infrastructure against potential cyber-attacks,” Cleaver and Meeks wrote.

Letters were also sent to the Securities and Exchange Commission, the Federal Deposit Insurance Corporation, the Consumer Financial Protection Bureau, the Federal Housing Finance Agency, the Commodity Futures Trading Commission, and the National Credit Union Administration.

“Iran has proven to be exceptionally capable when it comes to cyber warfare,” Cleaver, who serves as chairman of the House Financial Services Committee’s subcommittee on national security, said in a separate statement on Wednesday. “As tensions with the Iranian regime continue to unnecessarily escalate, it’s critical that financial regulators and individual institutions be proactive in preparation for potential cyber-attacks against our financial system.”

Meeks, who chairs the House Financial Services Committee’s subcommittee on financial institutions and consumer protections, added that "given President TrumpDonald TrumpGraham says he hopes that Trump runs again Trump says Stacey Abrams 'might be better than existing governor' Kemp Executive privilege fight poses hurdles for Trump MORE’s reckless escalation with Iran, we need to make sure that our financial sector is insulated from Iran's inevitable retaliation."


The letters were sent in the wake of concerns from government officials and experts that Iran may seek to launch a cyberattack against U.S. critical infrastructure and companies following the targeting and killing of Soleimani.

DHS in particular has ramped up protections against cyber threats, and has issued multiple bulletins warning of Iran’s capabilities in cyberspace while stressing that there are currently no “credible” threats.

On Wednesday, Acting DHS Secretary Chad WolfChad WolfSunday shows preview: States deal with fallout of Ida; Texas abortion law takes effect Biden, Trump battle over who's to blame for Afghanistan The border is shifting from a manufactured crisis to a national embarrassment MORE tweeted that he had visited the Cybersecurity and Infrastructure Security Agency (CISA), DHS’s cyber agency, to “discuss cyber threats, election security, Iranian cyber capabilities & the impressive work CISA does to protect critical infrastructure.”

Wolf noted that CISA employees have “been training for years & stand vigilant to respond to any threat against the homeland should one arise.”

Congress as a whole has been focused on potential Iranian threats, both cyber and physical, this week, with both the House and Senate receiving briefings from Wolf and other top administration officials on the situation with Iran. Wolf also separately briefed the Senate Homeland Security Committee on Tuesday on Iranian threats.