FBI Director Christopher Wray at the fourth annual Boston Conference on Cyber Security, held at Boston College this month. (Photos by Lee Pellegrini)
鈥淲e don鈥檛 want to just keep the cyber criminals at bay, we want to burn down their infrastructure,鈥 FBI Director Christopher A. Wray told an audience of several hundred cybersecurity experts gathered at Boston College on March 4, in an address that focused on the comprehensive, innovative, and broadly collaborative approach needed to combat an increasingly complex and widespread threat.
Wray delivered the keynote address at the fourth annual Boston Conference on Cyber Security, 亚色影库CS 2020, organized through a partnership between the FBI and the M.S. in Cybersecurity and Governance Program of 亚色影库's Woods College of Advancing Studies to seek better ways to defend against these invasive cyber threats and respond to the vulnerability of U.S. information systems.
Cyber crime continues to grow in scope, complexity, and sophistication, Wray told the gathering, and its impact has deepened, making it a powerful weapon for a range of 鈥渢hreat actors,鈥 from multi-national cyber syndicates to nation-state adversaries.
鈥淲e can鈥檛 just fight this threat one by one: One bad guy at a time, one syndicate at a time, one victim company at a time,鈥 he said. 鈥淲e鈥檝e got to tackle the cyber threat as a whole, applying our capabilities, our intelligence, and our partnerships to their full extent."
“This conference has become one of the most unique gatherings of voices, thinkers, and policy makers in the cyber realm. It鈥檚 one we鈥檙e really proud to be a part of at the FBI.”
Wray's remarks to the capacity crowd in Gasson Hall focused on the cyber threat writ large, and the spectrum of ways in which the FBI addresses it.
Concerns he cited include a wider-than-ever gamut of methods continually employed in new ways鈥ike the targeting of MSPs鈥攎anaged service providers鈥攁s a way to access scores of victims by hacking just one provider, a technique pioneered in China but now used by criminal hackers.
In addition, he said, "we face the increasingly blended threat of state-sponsored economic espionage facilitated by cyber intrusions. More than ever, our adversaries鈥 targets are our nation鈥檚 core economic assets鈥攐ur information and ideas, our innovation, our research and development, our technology."
No nation poses a broader, more severe threat to those assets than the Chinese government, he said. "They鈥檙e not just targeting companies related to our defense industry, they鈥檙e targeting companies producing everything from proprietary rice seeds to software for wind turbines to high-end medical devices. And they鈥檙e not just targeting innovation and R&D鈥攖hey鈥檙e going after cost and pricing information, internal strategy documents...anything that can give them a competitive advantage.鈥
Nation-state threats from China, Russia, Iran, North Korea and others also include efforts to obtain controlled defense technology and develop the ability to use cyber means to complement any future real-world conflict. But as dangerous as nation-states are, said Wray, the threat also comes from increasingly sophisticated criminal groups, with hackers on a level previously only seen among government operatives.
“We don鈥檛 want to just keep the cyber criminals at bay, we want to burn down their infrastructure.”
Befitting the scope of the danger, the U.S. deploys a whole cyber ecosystem against it鈥攁nd in cross-cutting law enforcement and national security authorities, the FBI is at the center of it, Wray said, citing as an example its work in the 2018 SamSam Ransomware indictment.
"SamSam was sophisticated malicious software used to hack into the networks of hospitals, schools, companies, government agencies, and a number of other entities, and to encrypt their computers. There were more than 200 victims鈥攊ncluding the City of Atlanta, the Port of San Diego, and MedStar Health.
"To identify the actors, we needed more than just our own intelligence. We needed information from victims across the country, and intelligence and investigative information from foreign partners and private sector entities who were also tracking SamSam. With all those pieces of the puzzle, we were able to attribute the attack to two Iranians.
"More puzzle pieces helped us determine the actors were working for personal profit, rather than on behalf of the Iranian government. [The