Support the news
Massachusetts cybersecurity providers, among the industry's leaders, are bracing for possible Iranian hacking attempts in response to the U.S. strike that killed Iran's top general last week.
Iran said "forceful revenge" would follow the death of Qassem Soleimani, and the Department of Homeland Security warned over the weekend that "Iran maintains a robust cyber program and can execute cyber attacks against the United States."
"I fully expect a holy war to be waged in American cyberspace," said Tom Kellermann, head of cybersecurity strategy at VMware.
VMware's cybersecurity division, based in Waltham, was an independent company called Carbon Black until its $2.1 billion acquisition in October.
"The martyring of this general has awoken the CEOs and [chief information officers] of America to the nature in which hybrid warfare is alive and well," Kellermann said, referring to the prospect that Iran could retaliate through a combination of real-world and online attacks.
"Iran is capable, at a minimum, of carrying out attacks with temporary disruptive
effects against critical infrastructure in the United States," reads a National Terrorism Advisory System bulletin, while noting that "at this time, we have no information indicating a specific, credible threat."
President Trump's decision to take out Soleimani escalated existing tension between Washington and Tehran and, in the days since, "we've definitely had calls from our customers, asking for help and guidance," said Rapid7 Chief Executive Corey Thomas.
Boston-based Rapid7 counts Fortune 10 companies among its clients, Thomas said.
"For people that have a mature cyber program, their threat levels are higher," he added. "It means they're having more intensive monitoring" of their computer systems.
Thomas ranks Iran's overall cyber capabilities below China's and Russia's and said he does not want to "overhype" the threat. But, he noted, "cyber security is one of those domains where a small group of very talented people can do lots of damage."
And, according to Kellermann, Iran has become a more formidable cyber adversary in the past two years through its relationship with Russia.
Both Kellermann and Thomas said the companies most alarmed are those with federal contracts. The companies fear they may have targets on their backs because of their government affiliations.
Support the news