A plan by the Iranian government to launch a cyberattack on a children’s hospital was caught by the FBI. The Iranian government planned the attack on the Boston Children’s Hospital, but agents learned of the planned digital attack from an anonymous intelligence partner.
FBI Director Christopher Wray talked about the incident at a Boston College cybersecurity conference. Through the acquired intelligence, the FBI was able to get the hospital the information it needed last summer to stop what could have been “one of the most despicable cyberattacks I’ve seen,” Wray said. He also said that it was the quick actions by those involved, especially at the hospital, that protected all of the sick children that depended on the technology.
The FBI director was speaking about the ongoing cyberthreats from Russia, China, and Iran at the Boston College cybersecurity conference. He focused on the need for the United States government to develop and maintain partnerships with the private sector.
The Boston Children’s Hospital has worked with the FBI before. Their computer network was hacked in 2014 by Martin Gottesfed. He did it to protest the care of a teenager who was the focus of a high-profile custody battle. Gottesfed was sentenced to 10 years in prison. The relationship developed between the hospital and the FBI office in Boston made a difference in the recent thwarting of the Iranian attack.
Wray did not discuss a motive from Iran for this attack, but he did describe how countries like Iran are hiring cyber mercenaries to conduct attacks on their behalf.
Russia, according to Director Wray, is causing the FBI to move quickly to warn potential targets of destructive hackers. It was just in March that the FBI revealed that it was seeing more interest from hackers focused on energy companies. This has increased since Russia started the war in Ukraine.
China has stolen more corporate and personal data from Americans than all the other nations combined. Wray said that this is part of their broader geopolitical goal to “lie, cheat and steal.”
The director said that the FBI is continuing to fight ransomware attacks from criminal gangs as well. Even though there have not been any intrusions recently, the threat is still there for U.S. officials.
According to Wray, there is a growing need for private companies to work with the FBI to stop ransomware gangs and hackers working for other nations. It is a key for the FBI to manage these relationships if they are to be successful.
“What these partnerships let us do is hit our adversaries at every point — from the victims’ networks back all the way to the hackers’ own computers,” Wray said.
One of the things the FBI and other federal agencies are requiring is for those who are victims of hacking to report those intrusions and cyber crimes. It is not uncommon for companies hit by a ransomware attack to not go to the FBI for various reasons.
Senator Rob Portman, a Republican from Ohio, is the ranking member of the Homeland Security and Governmental Affairs Committee. He issued a critical report this year about the FBI’s response to ransomware victims.
Portman indicated in the report that the FBI “prioritized its investigative and prosecutorial efforts to disrupt attacker operations over victims’ need to protect data and mitigate damage.”
One Fortune 500 company told the committee members that the FBI did not give any “helpful assistance” when they reported a ransomware attack. In fact, the company said that the FBI offered a hostage negotiator who did not have much expertise regarding ransomware attacks.
Wray countered that criticism by saying that the FBI can get a technically trained agent to a victimized company in an hour. He said they do that “a lot.”
The FBI certainly recorded a win for the Children of Boston’s hospital.