"It's highly likely that Iran will resume its destructive attacks against the US financial sector," Alperovitch told ZDNet at this week's inauguration of the company's office in Bucharest, Romania.
Iranian-based hacking groups, which CrowdStrike calls 'kittens' after the famous Persian cat, have recently been engaged in persistent waves of attacks against Saudi Arabia. And the US might be next, said Alperovitch.
Other companies such as FireEye, Recorded Future, and Accenture also predicted or noticed an increase in activity and capabilities of Iranian hackers following the US sanctions.
"We had a wave of denial-of-service attacks back in the 2012 and 2013 timeframe from Iran against the US financial sector in response to the sanctions that were in place back then," said Alperovitch.
"Now that [the sanctions] have been reconstituted, we may very well see Iran going back to those tactics."
In May, US president Donald Trump decided to withdraw from the 2015 nuclear deal. And the sanctions lifted by the Obama administration were reimposed in two waves.
First, in August, the restrictions targeted the aviation industry, the purchase of US currency, and gold trading. Then, in November, the second round of sanctions was aimed at oil exports.
Iranian president Hassan Rouhani said last week that, "America's withdrawal from the [nuclear deal] is undoubtedly a clear example of economic terrorism".
In addition to Iranian state-sponsored hackers, NATO member countries should also pay attention to North Korea, Russia, and China in the coming year, Alperovitch said.
"[North Korea] is the most innovative cyberthreat actor out there. It is not as good as Russia or China, but frankly anyone that can build nuclear weapons and missiles shouldn't be underestimated."
Alperovitch said governments shouldn't shy away from attributing cyberattacks, and that the US could take the lead. "Governments have sources that private companies can never have, and they can actually inflict punishment."
In his opinion, cybersecurity providers should also say who is behind an attack, as their customers are interested in knowing how geopolitical events may affect the nature of the cyberthreats they face.
As for government imposing backdoors, a debate that is likely to continue in 2019, Alperovitch thinks it's a "really bad" idea.
"Once you introduce a backdoor, not only your law enforcement can have access to it, but others can figure this out, too," he said. "We are completely opposed to backdoors and any weakening of security technologies."
Alperovitch was in Romania on Tuesday evening for a ribbon-cutting ceremony that marked the official opening of CrowdStrike's office.
Abigail Rupp, the deputy chief of Mission at the US Embassy in Bucharest, and Alexandru Petrescu of the Romanian ministry of Communication and Information Technology, joined the event.
CrowdStrike currently employs over 30 people in Romania, a country on NATO's Eastern European border, but plans to hire 30 more in 2019.
The local team is built around security engineers Daniel Radu and Horea Coroiu, who sold their startup to CrowdStrike in June 2016.
"They bought us after only six months of activity. The startup was some kind of Google for the security industry," Coroiu told ZDNet.
CrowdStrike is also considering opening a second office in Romania, in Cluj-Napoca, next year.
President Trump announced Tuesday the U.S. is withdrawing from the Iran nuclear deal. Iran's president Hassan Rouhani maintains his country has complied with the deal and said it wouldn't immediately withdraw.