FBI Director Christopher Wray explained how the agency thwarted a cyberattack last year on the Boston Children’s Hospital by the Iranian government during the sixth annual Boston Conference on Cyber Security in Gasson Hall on Wednesday.
“Our folks got the hospital’s team the information they needed to stop the danger right away,” Wray said. “We were able to help them I.D. and then mitigate the threat.”
While delivering his keynote address at the conference—co-hosted by the FBI and Cybersecurity Policy and Governance Program and the Woods College of Advancing Studies—Wray described to students and faculty the attempted attack as “one of the most despicable cyberattacks I’ve seen.”
Wray said the incident shows the importance of creating partnerships between the government and private sector, attributing the FBI’s ability to act quickly against the cyberattack to its existing relationship with the hospital after a series of planned attacks in 2014.
“We worked closely with Children’s [Hospital] all the way through our investigation, which led to a conviction and sentencing of the hacker in 2019,” Wray said. “So, Children’s and our Boston office already knew each other well before the attack from Iran, and that made a difference.”
Wray also said that the United States has recently seen a rise in ransomware—holding data and systems for ransom—against providers of critical infrastructure like hospitals, stating that there were ransomware incidents against 14 of the 16 U.S. critical infrastructure sectors, including health care, in 2021 alone.
“Ransomware gangs love to go after things we can’t do without,” he said. “We’ve seen them compromise networks for oil and gas pipelines, grade schools, 9-1-1 call centers. They also go after local governments.”
In addition to the recent attack against Boston Children’s Hospital, Wray spoke about threats from both Russia and China.
Wray said the FBI is currently on “combat tempo,” keeping tabs on potential cybersecurity threats from the Russian government due to the ongoing Russia-Ukraine War. This April, the FBI disrupted a botnet—a network of computers infected by malware that are remotely controlled by a single attacker—from the Russian GRU intelligence service, which had previously attacked the Ukrainian electric grid in 2015, according to Wray.
“We’ve seen the Russian government taking specific preparatory steps toward potential destructive attacks, here and abroad,” he said. “We’re moving rapidly to disrupt Russian activity.”
Wray said the Chinese government, on the other hand, hacks in pursuit of long-term economic goals, operating on a larger scale than Russia and all other powerful nations.
In order to restrain these larger scale efforts, Wray again focused on the importance of government partnerships with private companies. The FBI was only able to identify vulnerabilities caused by Chinese hackers through private-sector partnerships, he said.
Wray ended his speech encouraging audience members to contact their local FBI cyber team in order to help further prevent future cyberattacks.
“Whether you take that proactive step or not, if you suspect a cyber intrusion, please report the compromise by contacting your local field office immediately—the more quickly we get involved, the more we can do to help,” he said.