U.S. must be on alert for Iran cyberattacks, says top cyber official

Top cyber official discusses cyber wars escalation with ‘Post’

Christopher Krebs (photo credit: CHEN GALILI)
Iran’s aggressive cyber operations multiplied in recent weeks and then again this past week, the US Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) director Christopher Krebs told The Jerusalem Post on Wednesday.
Krebs spoke to the Post on the sidelines of Tel Aviv University’s Cyber Week conference.
While Krebs leaves questions to the Pentagon about how successful the US or Iranian cyberattacks were against one another in the unusually public recent cyberwarfare exchange (and the Pentagon is not commenting), he made it clear that the Islamic republic had escalated twice compared to its normal activity.
He said, “The role of my agency is to help the private sector enable risk management efforts.”
To accomplish that goal and encourage “threat information sharing with the private sector,” he noted his agency’s unusual public statement this past weekend warning of Tehran’s increased cyber operations.
Next, he said that there is “enough information from the private sector, plus geopolitical tensions are rising. There has been shipping interference and the shooting down of the drone. We need to make sure that the private sector understands the escalating risk.”
He said the message needed to get through not only to CISOs, but also to more general security officials, executive boards and the American people more broadly.
Krebs has been quoted as saying that all Americans are now potential cyber targets of Iran in one form or another.
These attacks are particularly vicious because they are sometimes not mere attacks to deface websites or collect information, but also sometimes to completely wipe out a target’s hard drive.
This means that it is crucial to “increase resilience among the American people, to draw attention to the techniques used by Iran,” he said.
To avoid “spear phishing,” targeted personalized emails designed to get people to give away their personal information, he said to “be on the lookout for anything that is a bit off – language, spelling, like the use of British-style spelling. Scrutinize what comes in and use multifactor authentication.”
Not all multifactor authentication is equal though, and while Krebs is not advertising particular brands, he did say positive things about Azure, Google and hardkey authentication.
Moving on to the question of how ready the US is to combat Russian attempts to hack future US elections like it did in 2016, he said that the US had improved a lot, but was in a race without end (paraphrasing an official from Vermont).
Asked if smaller US states with fewer resources and weaker tech know-how could help to fend off Russia’s powerful hacking apparatus, he said, “We work with those states and counties to provide as much information as possible about the threat.”
He added that a “number of partnerships and governance mechanisms” are being used to increase small states’ “resources and tools, which they do not have yet… We need to help them get to a place of auditability,” so that these authorities can better understand and plug their holes.
Krebs noted that his agency is pushing as much as possible to get to paper-based systems without as much electronic (read: hackable) involvement and that US President Donald Trump has been supportive of the paper ballot push.
The US cyber official cited Trump’s support for paper ballots and his affirmation that Russia tried to hack the 2016 election when asked about differences between the president and his intelligence and cyber staff over the nature of Moscow’s intervention.
He stayed away from any of the allegations in the media that Trump’s denial of Russia’s attempt to help him in 2016 has sometimes interfered with an otherwise generally resilient US cyber apparatus.
KREBS COMPLIMENTED the US Congress for working hand-in-hand with his office to up the government’s cyberdefense game.
One major goal of the US cyber official has been to align with US policy in the trade war with China and to minimize perceived US vulnerabilities to Chinese technology and parts both in the short-term and long-term.
Acknowledging that in some areas, Chinese parts were deeply embedded in US infrastructure and could not be replaced for years, he said that this project would be ongoing.
Pressed that Israel does not view China as a threat the way the US does and that Jerusalem continues to elevate its economic and technological exchanges with Beijing, Krebs said Israel “should be careful how close you bring them in.”
While there is some debate in Israel about whether to grant China the highly sensitive job of managing its Haifa port, generally Israeli cyber and intelligence professionals are far more positive about China and less threatened by its technology than their US counterparts.
Despite his reservations, Krebs also said he believed there would some day be a trade deal and resolution between the US and China.
Regarding US-Israel cyber cooperation, he said that “Israel’s National Cyber Directorate [INCD] is one of our strongest partners. We work very close with [INCD chief] Yigal Unna and his team…in a number of areas, including aviation, cyber security, infrastructure cyber security and information sharing.”
He said he had brought a large team with him to Israel, had made sure to attend the Cyber Week conference at TAU two years in a row and that the US-Israel relationship was expressed as a “top priority” through personnel exchanges in both directions.