House Democrats urge financial regulators to defend against Iranian cyberattacks

House Democrats urge financial regulators to defend against Iranian cyberattacks
© Greg Nash

Two House Democrats pushed top financial regulators including the Treasury Department this week to step up their defenses against potential Iranian cyberattacks, with the risk of Iran attacking U.S. critical infrastructure increasing this week following the death of top Iranian Gen. Qassem Soleimani.

Reps. Emanuel Cleaver (D-Mo.) and Gregory MeeksGregory Weldon MeeksOcasio-Cortez defends decision not to pay dues to House Democratic campaign arm Hillicon Valley: Lawmakers say Facebook deepfake ban falls short | House passes bills to win 5G race | Feds sound alarm on cyberthreat from Iran | Ivanka Trump appearance at tech show sparks backlash House Democrats urge financial regulators to defend against Iranian cyberattacks MORE (D-N.Y.), both of whom serve on the House Financial Services Committee, sent letters to Treasury Secretary Steven MnuchinSteven Terner MnuchinDeficits to average record .3 trillion over next decade: CBO UK to allow Huawei in parts of its 5G network in blow to US The Hill's Morning Report - Report of Bolton tell-all manuscript roils Trump defense MORE and to agencies including the Federal Reserve and the Office of the Comptroller of the Currency asking that they give attention to potential debilitating Iranian cyber threats to the finance sector.

“We urge you, our nation’s financial regulators, to work in coordination with law enforcement and regulated entities to increase sharing of appropriate cyber threat information,” Cleaver and Meeks wrote. “We request that your institutions communicate a strategy to further mitigate existing cyber vulnerabilities within our financial institutions by March 2020.”


The two House Democrats pointed to past Iranian cyberattacks in 2012, when Iran targeted denial of service attacks at Wells Fargo, JPMorgan Chase and Bank of America, which involved overwhelming the companies’ systems by flooding them with internet traffic requests.

The members also cited top government officials, such as those from the Department of Homeland Security (DHS), who in recent days warned of Iran’s ability to successfully target other critical infrastructure in urging the financial regulators to take action.

“In response to the heightened and credible threats as articulated by U.S. national security elements, we urge financial regulators to strengthen their existing financial infrastructure against potential cyber-attacks,” Cleaver and Meeks wrote.

Letters were also sent to the Securities and Exchange Commission, the Federal Deposit Insurance Corporation, the Consumer Financial Protection Bureau, the Federal Housing Finance Agency, the Commodity Futures Trading Commission, and the National Credit Union Administration.

“Iran has proven to be exceptionally capable when it comes to cyber warfare,” Cleaver, who serves as chairman of the House Financial Services Committee’s subcommittee on national security, said in a separate statement on Wednesday. “As tensions with the Iranian regime continue to unnecessarily escalate, it’s critical that financial regulators and individual institutions be proactive in preparation for potential cyber-attacks against our financial system.”

Meeks, who chairs the House Financial Services Committee’s subcommittee on financial institutions and consumer protections, added that "given President TrumpDonald John TrumpCNN's Don Lemon explains handling of segment after Trump criticism NPR reporter after Pompeo clash: Journalists don't interview government officials to score 'political points' Lawyer says Parnas can't attend Senate trial due to ankle bracelet MORE’s reckless escalation with Iran, we need to make sure that our financial sector is insulated from Iran's inevitable retaliation."


The letters were sent in the wake of concerns from government officials and experts that Iran may seek to launch a cyberattack against U.S. critical infrastructure and companies following the targeting and killing of Soleimani.

DHS in particular has ramped up protections against cyber threats, and has issued multiple bulletins warning of Iran’s capabilities in cyberspace while stressing that there are currently no “credible” threats.

On Wednesday, Acting DHS Secretary Chad WolfChad WolfOvernight Health Care — Presented by Philip Morris International — HHS has no plans to declare emergency over coronavirus | GOP senator calls for travel ban to stop outbreak | Warren releases plan to contain infectious diseases GOP senator calls for travel ban to stop coronavirus spread Senators press DHS over visa approval for Pensacola naval base shooter MORE tweeted that he had visited the Cybersecurity and Infrastructure Security Agency (CISA), DHS’s cyber agency, to “discuss cyber threats, election security, Iranian cyber capabilities & the impressive work CISA does to protect critical infrastructure.”

Wolf noted that CISA employees have “been training for years & stand vigilant to respond to any threat against the homeland should one arise.”

Congress as a whole has been focused on potential Iranian threats, both cyber and physical, this week, with both the House and Senate receiving briefings from Wolf and other top administration officials on the situation with Iran. Wolf also separately briefed the Senate Homeland Security Committee on Tuesday on Iranian threats.