Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Wray: FBI Blocked Planned Cyberattack on Children’s Hospital

The FBI thwarted a planned cyberattack on a children’s hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government, FBI Director Christopher Wray said Wednesday.

The FBI thwarted a planned cyberattack on a children’s hospital in Boston that was to have been carried out by hackers sponsored by the Iranian government, FBI Director Christopher Wray said Wednesday.

Wray told a Boston College cybersecurity conference that his agents learned of the planned digital attack from an unspecified intelligence partner and got Boston Children’s Hospital the information it needed last summer to block what would have been “one of the most despicable cyberattacks I’ve seen.”

“And quick actions by everyone involved, especially at the hospital, protected both the network and the sick kids who depended on it,” Wray said.

The FBI chief recounted that anecdote in a broader speech about ongoing cyber threats from Russia, China and Iran and the need for partnerships between the U.S. government and the private sector.

He said the bureau and Boston Children’s Hospital had worked closely together after a hacktivist attacked the hospital’s computer network in 2014. Martin Gottesfeld launched a cyberattack at the hospital to protest the care of a teenager at the center of a high-profile custody battle and later was sentenced to 10 years in prison. The attack against the hospital and a treatment home cost the facilities tens of thousands of dollars and disrupted operations for days.

“Children’s and our Boston office already knew each other well — before the attack from Iran — and that made a difference,” Wray said.

He did not ascribe a particular motive to the planned attack on the hospital, but he noted that Iran and other countries have been hiring cyber mercenaries to conduct attacks on their behalf.

When it comes to Russia, he said, the FBI is “racing” to warn potential targets about preparatory actions that hackers are taking toward destructive attacks. In March, for instance, the FBI warned that it was seeing increased interest by hackers in energy companies since the start of Russia’s war against Ukraine.

Advertisement. Scroll to continue reading.

Hackers from China, meanwhile, have stolen more corporate and personal data from Americans than all other nations combined as part of a broader geopolitical goal to “lie, cheat and steal,” Wray said.

The speech took place as the FBI continues to combat ransomware attacks from criminal gangs, an ongoing concern for U.S. officials despite the absence of crippling intrusions in recent months.

Wray emphasized the need for private companies to work with the FBI to thwart ransomware gangs and nation-state hackers, adding that building those relationships is a key to success.

“What these partnerships let us do is hit our adversaries at every point — from the victims’ networks, back all the way to the hackers’ own computers,” Wray said.

The FBI and other federal agencies have been working to assure hacking victims that it is in their best interest to report intrusions and cyber crimes. Many companies attacked by ransomware gangs often don’t go to the FBI for a variety of reasons.

U.S. Sen. Rob Portman, a Republican from Ohio and the ranking member of the Senate Homeland Security and Governmental Affairs Committee, issued a report earlier this year critical of the FBI’s response to some ransomware victims. In two cases, the FBI “prioritized its investigative and prosecutorial efforts to disrupt attacker operations over victims’ need to protect data and mitigate damage,” the report said.

One unnamed Fortune 500 company told committee staff that the FBI did not offer any “helpful assistance” when responding to a ransomware attack.

“For example, the FBI offered their hostage negotiator who appeared to have little expertise in responding to ransomware attacks,” the report said.

Wray, though, touted the FBI’s capacity to get a technically trained agent to any victimized company in an hour — “and we use it a lot.”

Related: Iranian APTs Targeting Fortinet, Microsoft Exchange Flaws

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.

Cybercrime

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.