The FBI foiled a planned cyberattack on a children’s hospital in Boston that was supposed to have been carried out by hackers sponsored by the Iranian government. FBI Director Christopher Wray he said Wednesday.
Wray told a Boston College cybersecurity conference that his agents learned of the digital attack planned by an unspecified intelligence partner and gave Boston Children’s Hospital the information it needed last summer to block what would have been “one of the most the most despicable cyber attacks I have ever seen. ”
“And the swift actions of everyone involved, especially at the hospital, protected both the network and the sick children who depended on it,” Wray said.
The FBI chief recounted that anecdote in a larger speech about ongoing cyber threats from Russia, China and Iran and the need for partnerships between the US government and the private sector.
He said the office and Boston Children’s Hospital worked closely together after a hacktivist attacked the hospital’s computer network in 2014. Martin Gottesfeld released a cyber attack on the hospital to protest the care of a teenager at the center of a high-profile custody battle and was later sentenced to 10 years in prison. The attack on the hospital and a treatment home cost the facility tens of thousands of dollars and disrupted operations for days.
“The Children’s office and our office in Boston already knew each other well, before the Iran attack, and that made all the difference,” Wray said.
He did not attribute a particular motive for the planned attack on the hospital, but noted that Iran and other countries have been hiring cyber mercenaries to carry out attacks on their behalf.
Joseph Bonavolonta, the special agent in charge of the FBI’s Boston division, said the information was so classified that they couldn’t immediately share the details with Boston Children’s.
“We had to get a little creative in the short term,” Bonavolonta said.
FBI agents gathered previously issued bulletins that focused on the threat from this group in general and immediately shared them with the hospital, he said. That gave hospital officials a good overview of what they were dealing with, even if it wasn’t the latest intelligence.
Then, for a few days, the FBI was able to declassify some information and provide the hospital with more granular details, Bonavolonta said.
“We found a way to use previously released reports to get that information out,” Bonavolonta added. “It was literally in real time.”
When it comes to Russia, Wray said, the FBI is “sprinting” to warn potential targets about preparatory actions hackers are taking for destructive attacks. In March, for example, the FBI warned that was seeing increased interest from hackers in energy companies since the beginning of Russia’s war against Ukraine.
Meanwhile, Chinese hackers have stolen more corporate and personal data from Americans than all other nations combined as part of a larger geopolitical goal to “lie, cheat and steal,” Wray said.
The speech took place while the FBI is still fighting ransomware attacks of criminal gangs, a constant concern for US officials despite the absence of crippling intrusions in recent months.
Wray emphasized the need for private companies to work with the FBI to thwart ransomware gangs and nation-state hackers, adding that building those relationships is the key to success.
“What these partnerships allow us to do is attack our adversaries at every point, from the victims’ networks to the hackers’ own computers,” Wray said.
The FBI and other federal agencies have been working to reassure victims of hacking that it is in their best interest to report intrusions and cybercrimes. Many businesses targeted by ransomware gangs often don’t go to the FBI for a variety of reasons.
US Senator Rob Portman, an Ohio Republican and ranking member of the Senate Homeland Security and Governmental Affairs Committee, issued a report earlier this year criticizing the FBI’s response to some ransomware victims. In two cases, the FBI “prioritized its investigative and prosecutorial efforts to disrupt attackers’ operations over victims’ need to protect data and mitigate damage,” the report says.
An anonymous Fortune 500 company told committee staff that the FBI did not offer any “helpful assistance” in responding to a ransomware attack.
“For example, the FBI offered their hostage negotiator who appeared to have little experience responding to ransomware attacks,” the report says.
Wray, however, touted the FBI’s ability to dispatch a technically trained agent to any victim company within the hour, “and we use it a lot.”
Reference-www.nbcnews.com