House Democrats request briefings on Iranian cyber threats from DHS, FCC

The Democratic leaders of the House Energy and Commerce Committee on Wednesday requested briefings from two key federal agencies on efforts to secure the nation’s telecommunications against potential Iranian cyberattacks, as another House committee also put the spotlight on Iranian cyber threats.

House Energy and Commerce Committee Chairman Frank Pallone (D-N.J.) and Rep. Mike Doyle (D-Penn.), the chair of the subcommittee on communications and technology, sent letters to the Department of Homeland Security (DHS) and the Federal Communications Commission (FCC) asking for briefings on what steps have been taken to “warn telecommunications providers of potential cyberattacks on critical communications networks and how the providers should prepare for and defend against such attacks.”

Congressional concern over potential cyberattacks from Iran have spiked this month in the wake of the U.S. targeting and killing Iranian Gen. Qassem Soleimani. 

Iran is widely regarded to be among the most dangerous threats to the U.S. in cyberspace alongside Russia, North Korea, and China. According to the most recent Worldwide Threat Assessment put out by former Director of National Intelligence Daniel Coats Iran has the ability to cause “temporary disruptive effects” on U.S. infrastructure through a cyberattack.  

DHS issued a bulletin last week warning of Iran’s ability to attack the U.S. in cyberspace, and separately sent a bulletin to law enforcement in conjunction with the FBI noting their belief that Iran would attempt to target the U.S. through a cyberattack. 

“We are concerned that Iran, its allies, or other entities wishing to take advantage of this situation might retaliate by attacking U.S. communications networks, or use such networks to attack other targets,” Pallone and Doyle wrote on Wednesday. “To protect the American people, the government must proactively work with industry to identify potential threats and aid carriers in the defense of critical communications infrastructure.”

The lawmakers gave the FCC and DHS until Feb. 5 to provide them with briefings, which they noted could take place in a classified setting “if necessary.” 

A spokesperson for the FCC declined to comment on the letter, while DHS did not immediately respond to The Hill’s request for comment.

The House Energy and Commerce Committee was not the only panel to address potential cyber threats from Iran on Wednesday.

The House Homeland Security Committee held a hearing on Wednesday morning to explore Iranian threats to homeland in relation to the death of Soleimani, with potential cyberattacks a major focus of the event.  

Rep. Bennie Thompson (D-Miss.), the chairman of the Homeland Security Committee, said during his opening remarks that he wanted to understand whether “potential targets are prepared to defend against Iranian cyber threats.” 

He noted that “although there have been no specific threats to critical infrastructure, escalation of tensions with any adversary demand that we take stock of all the current measures we employ to defend ourselves. This is particularly true in the case of Iran, a country that is unpredictable in its responses and hides behind proxies and sympathizers to do its dirty work.” 

Rep. John Katko (R-N.Y.), the top Republican on the committee’s cybersecurity subcommittee, said that he viewed cybersecurity vulnerabilities as “the greatest threat to our country right now.”

“The consensus is that the easiest and perhaps most effective way to fight back for state actors that are bad actors or individuals that are bad actors around the world are cyberattacks,” Katko said. “We didn’t do enough on 9/11 to stop what happened on 9/11, and to me the biggest concern I have is the vulnerability of this country to cyberattacks.”

Witnesses also sounded the alarm on the potential for Iran to strike back at the U.S. in cyberspace in connection to the killing of Soleimani.

Lt. Gen. Vincent Stewart, the former director of the Defense Intelligence Agency, testified that the recent Iranian missile strikes on an Iraqi base housing American troops will not be enough to satisfy Iranian leadership. 

“Listen to what the Iranian leadership says, the artillery strikes are not enough, they can’t defend everywhere,” Stewart said. “Americans are more vulnerable to cyber threats than any other nation because of their high level of dependency on cyber infrastructure. It is important for us to listen to what their leaders say.”

Thomas Warrick, a non-resident senior fellow at the Atlantic Council and a witness at the hearing, emphasized that anything the U.S. did to Iran in cyberspace Iran will “do back at us in some unusual way.”

“Cyber threats from Iran are certain and ongoing,” Warrick said.