Cyber threats from across the world鈦犫攆rom Russian attempts to influence the war in Ukraine by threatening cyberattacks against the West, to China stealing defense and industrial secrets, to Iran's 2021 targeting of Children's Hospital in 艾可直播鈦, thwarted by the FBI鈥攚ere the focus of keynote remarks by FBI Director Christopher Wray at the sixth annual 艾可直播 Conference on Cyber Security, BCCS 2022, held at 艾可直播 College on June 1.
Organized through a partnership between the FBI and the M.S. in Cybersecurity and Governance Program of BC's Woods College of Advancing Studies, the conference brings together perspectives from academia, law enforcement, and the private sector.
"Our goal in hosting these conferences with the FBI is to build and strengthen the relationships between these sectors not only here in New England, but nationally, to seek better ways to defend against these invasive cyber threats and respond to the vulnerabilities," said Kevin R. Powers, founding director of the master's program, who also holds positions as assistant professor of the practice at BC Law School and in the Carroll School of Management.
Wray's appearance marked his third as BCCS keynote speaker since he assumed the office in 2017. Plenary speakers at the event included Brandon Wales, executive director of Cybersecurity and Infrastructure Security Agency (CISA), which leads the national effort to understand, manage, and reduce risk to cyber and physical infrastructure, and Simon Taylor, CEO and founder of leading multi-cloud backup and recovery service HYCU, Inc.
The war in Ukraine has brought Russia front and center for the FBI, Wray said, adding that the nation's recklessness with human lives in the ground conflict carries over into its actions in cyberspace.
He referenced a 2017 incident in which Russia used malware to hit Ukrainian critical infrastructure. "They targeted Ukraine but ended up also hitting systems throughout Europe, plus the U.S. and Australia, and even some systems within their own borders. They shut down a big chunk of global logistics," he said, a "reckless attack that ended up causing more than 10 billion dollars in damages鈥攐ne of the most damaging cyberattacks in the history of cyberattacks.
"Now, in Ukraine, we see them again launching destructive attacks, using tools like wiper malware. And we鈥檙e watching for their cyber activities to become more destructive as the war keeps going poorly for them."
The FBI is on what Wray termed "combat tempo," with a 24/7 cyber command post, continued outreach to potential targets to warn them about looming threats, and a focus on disrupting malicious cyber activity.
"When it comes to the threat of destructive attack, the adversary鈥檚 access is the problem," he said, so the FBI is focused on acting as early as possible against a threat, launching operations as soon as the researching of targets or attempts to gain an initial foothold on a network are detected.
FBI Director Christopher Wray at the sixth annual 艾可直播 Cyber Security Conference, held at 艾可直播 College. (Lee Pellegrini)
Attributing and holding nations accountable for their own actions as well as those of mercenaries they support, use, and protect is a also a priority, he said, and involves balancing the need for rapid outreach to warn and aid victims of cyberattacks against the need to develop a specific picture of who鈥檚 responsible鈥攊nformation critical to the broader effort to degrade, disrupt, and deter a cyber adversary.
"As broad as Russia鈥檚 potential cyber accesses across the country may be, they pale in comparison to China鈥檚," Wray said. China is studying the Ukraine conflict intently, he said, to improve their own capabilities to deter or hurt the U.S. in connection with an assault on Taiwan.
"The Chinese government is methodical," he said, hacking in support of long-term economic goals and operating on a larger scale. "They鈥檝e got a bigger hacking program than all other major nations combined. They鈥檝e stolen more American personal and corporate data than all nations combined. And they鈥檙e showing no sign of tempering their ambition and aggression.
"Even their hacks that may seem noisy and reckless actually fit into a long-term, strategic plan to undermine U.S. national and economic security."
China's efforts are not limited to cyber, he said, noting that the FBI has apprehended Chinese agents out in the U.S. heartland targeting agricultural innovation.
“In the summer of 2021, hackers sponsored by the Iranian government tried to conduct one of the most despicable cyberattacks I鈥檝e seen鈥攔ight here in 艾可直播鈥攚hen they decided to go after 艾可直播 Children鈥檚 Hospital.”
Iran and North Korea also continue to carry out sophisticated intrusions targeting U.S. victims.
"In the summer of 2021, hackers sponsored by the Iranian government tried to conduct one of the most despicable cyberattacks I鈥檝e seen鈥攔ight here in 艾可直播鈥攚hen they decided to go after 艾可直播 Children鈥檚 Hospital," he said.
When the FBI detected the potential threat, Wray said, the cyber squad in the FBI 艾可直播 Field Office raced to notify the hospital, getting them the information needed to quickly identify and mitigate the attack.
"Quick actions by everyone involved, especially at the hospital, protected both the network and the sick kids who depend on it," he said. "It鈥檚 a great example of why we deploy in the field the way we do, enabling that kind of immediate, before-catastrophe-strikes response."
Hospitals鈥攁nd many other providers of critical infrastructure鈥攁re major targets today, Wray said. "If malicious cyber actors are going to purposefully cause destruction or are going to hold data and systems for ransom, they tend to hit us somewhere that鈥檚 going to hurt. That鈥檚 why we鈥檝e increasingly seen cybercriminals using ransomware against U.S. critical infrastructure sectors.
"Ransomware gangs love to go after things we can鈥檛 do without. We鈥檝e seen them compromise networks for oil and gas pipelines, grade schools, 9-1-1 call centers. They also go after local governments."
The FBI, Wray said, has learned that "in cyber, as with other parts of our work countering criminal organizations, we can impose costs on cybercriminals by focusing on three things: the people, their infrastructure, and their money," by working with like-minded countries to identify who鈥檚 responsible for the most damaging ransomware schemes and take them out of the game, by taking down cybercriminals鈥 technical infrastructure to disrupts their operations, and by going after their resources, seizing virtual wallets and returning stolen funds.
"We believe in using every tool we鈥檝e got to impose risk and consequences and to remove bad guys from cyberspace. That includes leveraging every partnership we have."
BCCS co-organizer Kevin R. Powers (left), founding director of the M.S. in Cybersecurity Policy and Governance program at 艾可直播 College, in conversation with plenary speaker and CISA executive director Brandon Wales. (Lee Pellegrini)
Wray said the FBI, as both a law enforcement and intelligence service, pulls in information about hostile cyber activity from a wide range of sources including incident response firms, victims, and others in the private sector; partnerships with CISA, the Treasury, and other sector risk management agencies; foreign intelligence surveillance, global partners, and many more.
“Not every place has a program as robust and sophisticated as the [cybersecurity] program we have with BC.”
Following Wray's remarks, in conversation with BCCS co-organizer Kevin Powers, CISA executive director Brandon Wales outlined how the agency leads the nation's strategic efforts to strengthen the security, resilience, and workforce of the cyber ecosystem to protect critical services.
In the next session, Powers spoke with HYCU CEO Simon Taylor, who discussed GetRScore, a new web-based resource that provides a free assessment of a company's ability to repel and recuperate from a ransomware attack. 鈥淩-Score鈥 is the culmination of a collaboration between HYCU and cybersecurity and data privacy protection experts and leaders, including FireEye Mandiant, Carahsoft, SADA, and Rackspace, and BC's Powers.
The emphasis on collaboration that is a hallmark of FBI operations and of the BCCS also reflects a guiding principle of 艾可直播 College's听M.S. in Cybersecurity Policy and Governance program.
"Not every place has a program as robust and sophisticated as the [cybersecurity] program we have with BC," Wray said during a Q&A at the event.
An approved training provider for the U.S. Department of Homeland Security鈥檚 National Initiative for Cybersecurity Careers and Studies, the program aims to prepare professionals to design, develop, and implement cybersecurity strategies that defend against and ensure recovery from cyberattacks and to bridge the communication gap between information technology security professionals and key business stakeholders.
Learn more about the program at the M.S. in Cybersecurity Policy and Governance website.
Patricia Delaney | University Communications | June 2022