Tehran's efforts to compromise US digital infrastructure have increased since the US and Israel attacked Iran in late February. Getty Images

Iran is 'perpetual bad' cyber actor, US official says


Cody Combs

US cyber director Sean Cairncross on Wednesday described Iran as a “perpetual bad actor” but said Iranian hackers are not avoiding consequences.

His comments came during an interview at Semafor's World Economy Summit in Washington, when he was asked about the recent hack of FBI director Kash Patel's personal email by an Iran-linked group.

“Iran has never been a good actor in this space,” Mr Cairncross said. “They're a perpetual bad actor and they've never stopped trying to push in this regard.”

He added that Tehran's efforts to compromise US digital infrastructure have increased since the US and Israel attacked Iran in late February.

Last month, the Handala group of Iranian hackers followed up on a threat to attack the US domestic intelligence service, and released several photos of Mr Patel and an old resume that appeared to be his.

In a statement to The National at the time, the FBI said it was aware of malicious entities looking to breach Mr Patel's digital assets.

“We have taken all necessary steps to mitigate potential risks associated with this activity,” the statement read. “The information in question is historical in nature and involves no government information.”

It added that the State Department is offering a reward of up to $10 million for information leading to the identification of the Handala hackers.

FBI director Kash Patel speaks in Washington in February last year. Reuters

It was later determined that Handala was responsible for a recent cyber attack against Michigan-based medical technology company Stryker, which has more than 50,000 employees around the world.

The US Justice Department and FBI have announced the seizure of several websites associated with Handala.

The group has been able to quickly re-establish itself several times, however, and continues to operate.

Pressed on whether describing Iran as a “perpetual bad actor” meant that he was not worried about future attacks, Mr Cairncross said: “It's my job to be worried about that.

“I'm very worried about that and I think everybody in the national security architecture is worried about that and has eyes on that.”

He added that Iranians who seek to create disruption by hacking “are paying a consequence” and “have their hands full”.

Officials say Iran shows no signs of slowing down its cyber attack strategy.

Last week, the US federal government sent out an advisory notice in the hours leading up to the ceasefire saying hackers linked to Iran had attacked various devices linked to water, wastewater treatment and energy sectors throughout the country.

Late last year, FBI assistant director Brett Leatherman said that he was seeing increased cyber attack attempts against US digital infrastructure from Iran. He warned that any successful cyber attack affecting critical technology systems would probably be considered an act of war.

In its digital defence report last year, Microsoft also warned about cyber crime originating from Iran.

“The volume of Iranian state-linked cyber activity remains consistently high,” the report read. “Iran’s intelligence services continue to focus heavily on regional adversaries, conducting long-term espionage against critical infrastructure.”

It also noted that Tehran's cyber hackers most frequently went for Israel, the US and the UAE with the aim of exploiting vulnerabilities.

Updated: April 15, 2026, 6:01 PM