Skip to content
Don't miss

Get the daily Cyber Briefing in your inbox

SIGN UP
Podcast

To the Point: Iran’s Cyber Threat After Israel’s Strikes

Season 0 Episode 0 •

Show Notes

As tensions explode between Israel and Iran, what cyber threats could hit the U.S. next? In this urgent episode of To the Point, host Frank Cilluffo sits down with Admiral (Ret.) Mark Montgomery—cybersecurity expert and longtime Solarium Commission leader—to assess the growing risk of Iranian cyberattacks on U.S. critical infrastructure.

With Iran and its proxies already escalating digital aggression against Israeli targets, Montgomery warns that water systems, energy grids, and transportation networks in the U.S. could soon face similar threats. The conversation explores:

  • The vulnerabilities across U.S. critical infrastructure

  • Iran’s evolving cyber and influence capabilities

  • Lessons from China’s Volt Typhoon campaign

  • The need for a renewed “shields up” posture from CISA

  • Why national cyber defense demands stronger National Guard and reserve roles

Montgomery and Cilluffo call for urgent action to harden defenses and rethink public-private coordination in light of this volatile moment on the global stage.

More coverage on https://threatbeat.com/

Transcript

1
00:00:00,000 –> 00:00:01,000
Frank Cilluffo:
I’m Frank Cilluffo and this is to the point where we delve into the pressing issues of the day today. My guest is Admiral Mark Montgomery, retired.

2
00:00:01,000 –> 00:00:02,000
Admiral Mark Montgomery, who is a leader at the Foundation of Defensive Democracies, is also a senior fellow at the McCrary Institute and a longtime staff director of the Solarium Commission where he did yeoman’s work to advance our cyber policy today, no surprise, we’re talking about the escalation in the Middle east between Iran and Israel and looking at the potential implications not only as a flashpoint point there, but it’s also serving as a potential global tinderbox here and what the implications are in terms of potential retaliation to US Critical infrastructure from Iran and the like. Mark, let’s start with what you think the risk is and the consequence is of Iranian cyber activity against U.S. critical infrastructure.

3
00:00:02,000 –> 00:00:03,000
Mark Montgomery:
Well, Frank, thank first for having me. And, and I’ll say that that risk is something you and I have written together and separately about over the last three or four years, which is that our critical infrastructure is exceptionally vulnerable. You and I have written about specific infrastructures, we’ve written in general about infrastructures. We’ve written about the problems of the government, the problems of the private sector. But the problem is we have a lot of risk and extremely high consequence associated with that risk. So what I mean by that is many of our criticism structures are very vulnerable. We tend to have, we tend to notice ones that are highly protected, like high end banks.

4
00:00:03,000 –> 00:00:04,000
Mark Montgomery:
They spend a billion dollars a year. Why? Because they’ve been robbed. They’re heavily regulated. But the vast majority of the, of the critical infrastructures we have to worry about are water systems, electrical power systems, transportation systems like ports and rails and aviation. And the vast majority of them are not as well protected either by industry or supported by the government. Now and within energy, because of nuclear power, there’s some regulation and it actually is some good private, private, private, public collaboration going on and some good investments. But the vast majority of our critical infrastructures are unprotected. And just you and I said it.

5
00:00:04,000 –> 00:00:05,000
Mark Montgomery:
But then we got some help from the Chinese. They proved it. And you know, Volt Typhoon, which was a, the name of one of their advanced persistent threat teams, attacked our systems, placed what we, what you and I call operational preparation of the battlefield put accesses in for future gain or installed malware for future disruptive activity. And then Director Ray made it clear about 16 months ago with some public statements and congressional testimony that they had done this through throughout our geographically throughout the United States, but also sectorally throughout the critical infrastructures demonstrating the vulnerability. And then people like you and I have written about the consequences.

6
00:00:05,000 –> 00:00:06,000
Frank Cilluffo:
Mark, thank you. And Iran, whether the IRGC or proxies or others with an affinity toward their cause, their TTPs, their tactics, techniques and procedures have continued to get better and better and better. You mentioned water. Water has been a long time target not only of Israel, but also here in the US do you think we’re going to see malicious activity coming from Iran or its proxies? And if so, do you think it will be cyber attack or influence operations or both?

7
00:00:06,000 –> 00:00:07,000
Mark Montgomery:
That’s a great question because that’s exactly the. They are not right now in a position to do a kinetic strike against our homeland. They can do damage. You know, they can’t attack our troops with missiles and things like that, our troops that are stationed in the Middle east. And certainly there’s a lot of effort going into protecting that. What they can do is exactly what you said they can do cyber malicious activity, whether it’s actual cyber attacks against systems, ransomware attacks, malicious activity, or if it’s influence operations. Now, Iran is one of four countries that we see routinely practice these skill sets against the United States. China and Russia are clearly the most dominant ones, but following them are Iran and North Korea.

8
00:00:07,000 –> 00:00:08,000
Mark Montgomery:
I’d set North Korea aside as like a unique example of like, you know, a state, you know, a nation state, you know, masquerading as a cyber gang on occasion, you know, really doing criminal activity to fund the state. Iran is different. Iran does it to put their own diaspora at risk. They do that all the time. They attack them, but they also do it directly against Israel, who they consider the little Satan, and against United States, who they consider the big Satan. So if you ask me, is it possible? Yes. Is it likely? Yes. We already see a 700% increase in Iranian attacks on Israeli critical infrastructures.

9
00:00:08,000 –> 00:00:09,000
Mark Montgomery:
That doesn’t mean successful attacks. That means attempts to penetrate have gone up 700% since the beginning of Israel’s air campaign against Iran. So do I think it’ll come here? Yes. But I got to be honest with you, because their cyber militia activity hasn’t resulted in critical infrastructure damage, it’s as likely they’ll try influence operations. In other words, Creating false stories. And here they’re assisted by kind of the, the dark web and the, and the proliferation of, of influence operation tools that the Chinese and Russians have put out there to grab them themselves and create false stories. And then they’re further assisted by our own social media which pretty much has an all comers attitude towards information when it first hits it. Over time it might be removed, but initially it gets full play.

10
00:00:09,000 –> 00:00:10,000
Mark Montgomery:
And look, there’s a reason for that, there’s a first Amendment reason for that, but it does make us vulnerable again to those kind of influence operations. We’re already seeing them coming from China. I have seen documentation of that. I, I suspect we’ll begin to see it from Iran on here just as they tried to play in our 2024 election. Not to the degree of China, but you know, to some degree, particularly in Michigan and other areas.

11
00:00:10,000 –> 00:00:11,000
Frank Cilluffo:
And Mark, not to put words in your mouth, but US companies that have a global footprint certainly in the Gulf and Middle east are on red alert, I would imagine. But those same sorts of the threat knows no borders in this respect. So are we prepared?

12
00:00:11,000 –> 00:00:12,000
Mark Montgomery:
You know, I’m glad you brought that up. You know, previously you and I, you know, gave a lot of advice to CISA. You know, as it, as it grew, you know, the Cyberspace Learning Commission really gave it like 10 new sets of authorities, assisted, assisted in doubling its, its budget to where it is now. It’s been cut a little bit, but it’s still an almost doubling from where it was. But one of the things they did two years ago or three years ago at the start of the Russia Ukraine war was kind of a shields up narrative. A, hey, American companies, particularly American companies in the foreign. You said you need to be aware, you need to be more sensitive, you need to take that rheostat and diet a little more towards security and safety. Right.

13
00:00:12,000 –> 00:00:13,000
Mark Montgomery:
I have not seen that this time. I, I think CISA’s probably the Cyber Security Infrastructure Security Agency is in a slightly less forward foot, you know, forward facing stance right now because of some significant changes that would happen when any change of party happens to be presidents. But I think has been amplified by this change over the last five months. And so I’m really hoping that our friend, our mutual friend Sean Plankey gets in soon so that he can take leadership of CISA and direct things that I think are pretty obvious. Like hey, we need a shields up like you know, narrative to be getting out there to industry.

14
00:00:13,000 –> 00:00:14,000
Frank Cilluffo:
Yeah, we need the leaders in the office of the National Cyber Director, Sean Cairncross. Sean Plankey, that might be an impediment to having the ability to bring industry at the highest level to the table. Hey, in the words of finally, to paraphrase Winston Churchill, never let a good crowd crisis go to waste. What should we be seizing right now?

15
00:00:14,000 –> 00:00:15,000
Mark Montgomery:
Yeah, well, listen, in the only tangentially related, but clearly related, we need to start to focus on. On how do we do a better job as a federal government supporting the private sector and defending itself. We don’t want the private. Just like we don’t want the private sector building their own cruise missile defense systems. We recognize that. I’m not a big fan of them, of letters of mark or. Or hacking back and private companies carrying out what could be escalatory measures. We need to get better.

16
00:00:15,000 –> 00:00:16,000
Mark Montgomery:
How do we get better? In my mind, we need to generate forces better. That’s a cyber force. And then very specifically, the National Guard needs to be more effectively utilized by both. Give governors more opportunity to use it, give them more capacity to use. I think you get that with a cyber guard that would be aligned with cyber force. Same with the reserves. You know, we should have a more effective reserve that cyber reserves has never developed properly. And then finally, we need to take a look at all our critical infrastructures.

17
00:00:16,000 –> 00:00:17,000
Mark Montgomery:
Frank, not all of them are being properly supported. And you and I have written extensively on space. Space is exceptionally important to communications, to energy, to timing, to position, navigation, all the PNT rhymes. And you and I have argued for this compo very comprehensively. And I think we were ignored by the last administration and the opportunity was missed. Maybe these guys come back and make space a critical infrastructure.

18
00:00:17,000 –> 00:00:18,000
Frank Cilluffo:
Well, that certainly seems to me the. Well, duh, they better. I hope they do. And Mark, thank you for spending some time with us. Thank you for sharing your expertise and shields up. So thank you.

19
00:00:18,000 –> 00:00:19,000
Mark Montgomery:
Thank you, Frank.

Related Content