Move over, Russia and China. Iran is making a bid for the United States’ chief cybersecurity rival. “For the first time in my career, I’m not convinced we’re responding more to Russia or China,” FireEye CEO Kevin Mandia said in a report published last week.
“It feels to me that the majority of the actors we’re responding to right now are hosted in Iran, and they are state-sponsored.” It’s a growing consensus among other major cybersecurity firms, too.
And it may just be the beginning of Iranian hackers’ increased prominence, as we’ve warned in this space. The Iranian government-backed hackers whom FireEye pegged as culprits behind a malware campaign began operations last month. That’s one month after President Donald Trump disavowed the deal that Tehran struck with Washington, D.C., and several other nations to reduce its nuclear program in exchange for the repeal of economic sanctions. As Eric wrote in September, cyber experts have long predicted that a U.S. retreat from the deal would prompt Iran to turn to yet more cyberattacks — although some of the Iranian uptick predates that, such as the HBO hack, which some firms have blamed Iranian government hackers.
HAPPY MONDAY and welcome to Morning Cybersecurity! Rattle and hum, Earth. Send your thoughts, feedback and especially tips to firstname.lastname@example.org and be sure to follow @timstarks, @POLITICOPro and @MorningCybersec. Full team info below.
KASPERSKY ON THE MOVE — Antivirus firm Kaspersky Lab is shutting down its Washington, D.C. area office after the government banned federal agencies from using the Russia-based company’s software, a spokesperson told MC. “We are closing our facility in Arlington [Va.] as the opportunity for which the office was opened and staffed is no longer viable,” the company said. The move, first reported by Bloomberg, accompanies new offices opening in North America, notably Chicago, Los Angeles and Toronto — a signal that the company intends to remain a presence on the continent, according to Vice President Anton Shingarev. Shingarev said the federal ban will only cost the company a “single-digit” percentage decline in revenue.
NIELSEN TAKES OFFICE — President Donald Trump skipped out on any mention of cybersecurity during the swearing in of new Homeland Security Secretary Kirstjen Nielsen late last week, instead emphasizing border security almost entirely. Border security, Trump said, is “one of the certainly important things. I can’t ever say anything is the most important, because our military is the most important, and lots of other things. But this is right there. This is one of the real big issues.” Trump did tout Nielsen’s cybersecurity background when he introduced her as the nominee in October, however. She’ll have a full cybersecurity agenda from day one at the department.
NATO, EU COMMIT TO DEEPER CYBER TIES — NATO and European Union officials met over the weekend in Brussels to strengthen their cooperation on cyber issues, including information sharing, training and simulations. Also on the agenda, according to a NATO statement, was the alliance’s recent decision to “recognise [sic] cyberspace as a domain of operations” and proposed EU cyber regulations. The meeting also involved “identifying new areas where more can be done — such as the sharing of best practice on crisis management and response,” said Dr. Jamie Shea, NATO’s deputy assistant secretary general for emerging security challenges, in a statement.