Two House Democrats pushed top financial regulators including the Treasury Department this week to step up their defenses against potential Iranian cyberattacks, with the risk of Iran attacking U.S. critical infrastructure increasing this week following the death of top Iranian Gen. Qassem Soleimani.
Reps. Emanuel Cleaver (D-Mo.) and Gregory Meeks (D-N.Y.), both of whom serve on the House Financial Services Committee, sent letters to Treasury Secretary Steven Mnuchin and to agencies including the Federal Reserve and the Office of the Comptroller of the Currency asking that they give attention to potential debilitating Iranian cyber threats to the finance sector.
“We urge you, our nation’s financial regulators, to work in coordination with law enforcement and regulated entities to increase sharing of appropriate cyber threat information,” Cleaver and Meeks wrote. “We request that your institutions communicate a strategy to further mitigate existing cyber vulnerabilities within our financial institutions by March 2020.”
The two House Democrats pointed to past Iranian cyberattacks in 2012, when Iran targeted denial of service attacks at Wells Fargo, JPMorgan Chase and Bank of America, which involved overwhelming the companies’ systems by flooding them with internet traffic requests.
The members also cited top government officials, such as those from the Department of Homeland Security (DHS), who in recent days warned of Iran’s ability to successfully target other critical infrastructure in urging the financial regulators to take action.
“In response to the heightened and credible threats as articulated by U.S. national security elements, we urge financial regulators to strengthen their existing financial infrastructure against potential cyber-attacks,” Cleaver and Meeks wrote.
Letters were also sent to the Securities and Exchange Commission, the Federal Deposit Insurance Corporation, the Consumer Financial Protection Bureau, the Federal Housing Finance Agency, the Commodity Futures Trading Commission, and the National Credit Union Administration.
“Iran has proven to be exceptionally capable when it comes to cyber warfare,” Cleaver, who serves as chairman of the House Financial Services Committee’s subcommittee on national security, said in a separate statement on Wednesday. “As tensions with the Iranian regime continue to unnecessarily escalate, it’s critical that financial regulators and individual institutions be proactive in preparation for potential cyber-attacks against our financial system.”
Meeks, who chairs the House Financial Services Committee’s subcommittee on financial institutions and consumer protections, added that “given President Trump’s reckless escalation with Iran, we need to make sure that our financial sector is insulated from Iran’s inevitable retaliation.”
The letters were sent in the wake of concerns from government officials and experts that Iran may seek to launch a cyberattack against U.S. critical infrastructure and companies following the targeting and killing of Soleimani.
DHS in particular has ramped up protections against cyber threats, and has issued multiple bulletins warning of Iran’s capabilities in cyberspace while stressing that there are currently no “credible” threats.
On Wednesday, Acting DHS Secretary Chad Wolf tweeted that he had visited the Cybersecurity and Infrastructure Security Agency (CISA), DHS’s cyber agency, to “discuss cyber threats, election security, Iranian cyber capabilities & the impressive work CISA does to protect critical infrastructure.”
Wolf noted that CISA employees have “been training for years & stand vigilant to respond to any threat against the homeland should one arise.”
Congress as a whole has been focused on potential Iranian threats, both cyber and physical, this week, with both the House and Senate receiving briefings from Wolf and other top administration officials on the situation with Iran. Wolf also separately briefed the Senate Homeland Security Committee on Tuesday on Iranian threats.