Cyberwarfare / Nation-State Attacks , Fraud Management & Cybercrime , Governance & Risk Management
Congressmen Call for Enhanced Financial Sector Security
Nine Federal Agencies Asked to Take Action in Light of Iranian ThreatsTwo Democratic Congressmen have sent letters to nine federal financial regulatory agencies asking that take action to shore up cyber defenses in the sector because of looming security threats from Iran.
See Also: Protecting Australia’s Vital Energy Grid with Stronger Security Culture
The move comes in the wake of a U.S. drone attack last week that killed Iranian Major General Qasem Soleimani and Iran’s retaliatory missile strikes this week against bases in Iraq housing American troops (see: Iranian Cyberattacks: 10 Must-Have Defenses).
Meanwhile, on Wednesday, the FBI and Department of Homeland Security issued a security bulletin to local law enforcement warning of Iranian-sponsored cyberattacks, although no specific threats were disclosed, according to CNN
In their letter sent this week, Democratic representatives Emanuel Cleaver II, D-Mo., and Gregory Meeks, D-N.Y., who both sit on the House Financial Services Committee, wrote that there is an impending threat to the financial services infrastructure, not only in the U.S. but across the globe. They urged the regulatory agencies to strengthen the cyber protections that guard against disruption in financial markets.
A Call to Action
The congressmen sent the letter to the Federal Reserve, Treasury Department, Securities and Exchange Commission, Federal Deposit Insurance Corp., Consumer Financial Protection Bureau, Federal Housing Finance Agency, Commodity Futures Trading Commission, National Credit Union Administration and the Office of the Comptroller of the Currency.
They requested that these nine agencies propose specific security strategies by March.
"We urge you, our nation’s financial regulators, to work in coordination with law enforcement and regulated entities to increase sharing of appropriate cyber threat information," the Congressmen wrote. "We request that your institutions communicate a strategy to further mitigate existing cyber vulnerabilities within our financial institutions by March 2020."
The Iranians have proven to be exceptionally capable in regards to cyber warfare, and we must do everything in our power to ensure our financial system and institutions aren’t susceptible to major disruptions that could devastate the American economy.
— Rep. Emanuel Cleaver (@repcleaver) January 8, 2020
Information Security Media Group reached out to all nine regulatory agencies on Thursday for comment. The only agency to respond, the Office of the Comptroller of the Currency, declined to comment.
Past Attacks
In the letter, Meeks and Cleaver pointed to Iran’s previous cyberattacks that affected U.S. financial institutions.
Between December 2011 and May 2013, 46 major U.S. financial services firms sustained distributed denial-of-service attacks conducted by an Iranian hactivist group (see: Analysis: Threat Posed by Pro-Iranian Hackers). The attacks left thousands of customers of Bank of America, Capital One, JP Morgan Chase, PNC, the New York Stock Exchange and Nasdaq, among many others, unable to access their accounts and led to the organizations spending millions on mitigation.
In the years since the DDoS attacks, security experts say, Iran has increased its cyber capabilities and could target critical infrastructure within the U.S.
Homeland Security officials have warned about Iran's increased ability to deploy so-called "wiper" attacks, which use malicious code designed to overwrite systems or otherwise leave them unusable and unrecoverable (see: DHS: Conflict With Iran Could Spur 'Wiper' Attacks).
"Iran has proven to be exceptionally capable when it comes to cyberwarfare," Cleaver says in a statement. "As tensions with the Iranian regime continue to unnecessarily escalate, it’s critical that financial regulators and individual institutions be proactive in preparation for potential cyber-attacks against our financial system. While I’m hopeful we can avoid any further conflict, it’s important we be prepared to protect consumers and defend our financial system from any major disruptions."
Website Defacements
A few days after the death of Soleimani following a U.S. drone strike, hacker groups sympathetic to Iran started defacing U.S. government websites, including the official website of the U.S. Federal Depository Library Program (see: US Government Website Defaced With Pro-Iran Message).
Homeland Security officials noted the defacement was not part of a larger cyber conflict between the U.S. and Iran.