The cyber threat has evolved dramatically in recent years, with today's risks originating from all angles and cyber criminals using increasingly sophisticated, insidious tactics—including capitalizing on the COVID-19 pandemic, according to FBI representatives at the fifth Boston Conference on Cyber Security, BCCS 2021, held virtually on March 3.
Organized annually through a partnership between the FBI and the M.S. in Cybersecurity and Governance Program of BC's Woods College of Advancing Studies, the conference brings together perspectives from academia, law enforcement, and the private sector to seek better ways to defend against these invasive cyber threats and respond to the vulnerability of U.S. information systems.
Perpetrators of ransomware schemes in particular—in which criminals prevent the victim's access to data until a ransom is paid—"have taken things to a whole new level," said FBI Deputy Director Paul M. Abbate in his keynote address at the conference. "They're not only wreaking havoc on company operations and causing significant financial losses; ransomware schemes are also now shutting down virtual learning in schools, crippling vital hospital systems, disrupting government services, and threatening critical infrastructure."
The FBI's strategy in combatting cyber threats focuses on developing unique partnerships to maximize impact, Abbate said.
"It’s important to stay focused on imposing risks and consequences on all bad actors in cyberspace, whoever and wherever they are, to make it harder and more painful for hackers and criminals to victimize others and to prove to both criminals and nation-states that they can no longer compromise U.S. networks, steal U.S. financial and intellectual property, and put our nation’s critical infrastructure at risk without facing severe consequences,” he said.
Given the gravity of the cyber threats we face, the government must employ an entire ecosystem against them, he said, noting the centrality of the FBI to that effort through its dual role as both a law enforcement and intelligence agency, employing cyber squads, including interagency partners, in each of its 56 field offices; cyber agents in embassies around the globe, working with both foreign law enforcement and intelligence services; and a rapid-response Cyber Action Team that can readily deploy to major incidents anywhere, anytime.
"This fight requires a whole-of-society approach—government and the private sector, working together against threats to national and economic security," Abbate said. "That’s why we’re co-located with partners in industry, academia, and the financial sector as part of the National Cyber-Forensics and Training Alliance in both Pittsburgh and New York City. It’s why we created another hub to work with and facilitate cybersecurity collaboration among the defense industry, the National Defense Cyber Alliance, where experts from the FBI and cleared defense contractors sit together, sharing intelligence in real time. And it’s why agents in every single FBI field office now spend a huge amount of time going out to companies and universities in their areas of responsibility, establishing relationships before there’s a problem, and providing threat intelligence to help prepare defenses. That includes information we’ve obtained from sensitive sources.
"And we are working more closely than ever with our federal partners like the Cybersecurity and Infrastructure Security Agency to produce joint advisories, so you’re hearing a single message from across the government."
“Today, the threat comes at us from all angles. We see criminal actors turning to an underground economy in search of the most skilled hackers and sophisticated criminal cyber tools. They then leverage data theft, ransomware, and other illicit methods to inflict immense harm on their victims.”
Abbate detailed a wide variety of cases in which the FBI has attacked some of the most dangerous threats on the cyber front, including coordinating, with international partners, disruptions of the vast Emotet criminal botnet, one of the longest running and most pervasive global malware delivery services.
Domestic cases included the indictment in 2019 of two Massachusetts men on computer and wire fraud charges and identity theft for allegedly hacking into the accounts of cryptocurrency company executives.
The themes emphasized in Abbate's keynote address were underscored by two ensuing discussions focusing on emerging technologies, operations and enforcement, and real-life cyber and national security experiences focusing on risk, compliance, policy, threat trends, preparedness, and defensive and mitigation strategies.
The first discussion, "The State of Cyber and National Security," featured FBI Boston Division Special Agent in Charge Joseph R. Bonavolonta in conversation with Joanna Baltes, J.D., L.L.M., curriculum coordinator of BC's M.S. in Cybersecurity Policy and Governance program.
Across the U.S, businesses and individuals lost approximately $3.5 billion to cybercriminals last year while reporting more incidents of internet crime to the FBI than any other year. In the Boston Division, victims suffered a total estimated loss of $50 million, Bonavolonta said.
A recent development, he said, particularly related to ransomware, is that while banking and financial industries are prime targets, there have been a significant upticks in attacks within healthcare and industrial manufacturing, both of which hold data that would be valuable for domestic and international cyber criminals.
Foreign adversaries, primarily China, Russia, and Iran, will use whatever they can to destabilize the U.S., whether politically or economically, he said, and also know what valuable informaton can be gained from such attacks, from healthcare data that can better enable them to target individuals to propietary information and trade secrets.
Ransomware attacks target every sector you can imagine, from governments, schools, and hospitals to businesses of all sizes, he said, and they're on the rise. In 2020, he said, there were 90 reported infections in the four-state area of the Boston Division, compared with 50 in 2018—and those are just reported incidents. Many, he said, go unreported.
And during the COVID-19 pandemic, he said, there has been a significant uptick in different types of fraud, including phishing scams built around the distribution of stimulus checks or the vaccine rollout. These scams can involve malware embedded in links seemingly associated with trusted government organizations. If individuals are not practicing proper cyber hygience—making sure they go to known, trusted sites before clicking on links or entering personal information, Bonavolonta said, they could be at risk.
The pandemic also provided criminals with opportunity for phishing campaigns targeting individuals seeking information about the coronavirus itself, looking to obtain PPE, or trying to book vaccine appointments, said Nick Rossman, global threat intelligence lead with IBM’s Security X-Force, during the second conference discussion, "The 2021 Cyber Threat Intelligence Index & Cost of a Data Breach," which also featured BCCS 2021 co-organizer Kevin R. Powers, founding director of Boston College's cybersecurity graduate programs.
A ransomware attack on a company involved in vaccine refrigeration, for example, could impede the delivery of that shipment, possibly resulting in that batch spoiling, Rossman said.
And due to the new reliance on work from home, new threats include insecure wifi, added credentials for hosts of virtual meetings, and people reusing passwords, he said, all of which is creating a bigger flood of desirable information to the dark web market.
In order to help help protect themselves and their workers, the bottom line, said Powers, is that companies and private and government organizations must focus on employee training in cybersecurity, and must develop incident response plans and practice them through regular tabletop exercises to maintain preparedness for an attack.
The collaborative approach of BCCS, which emphasizes that law enforcement, private industry, and academia must work together to ensure a safer cyber space, reflects a hallmark of BC's M.S. in Cybersecurity Policy and Governance program, said Powers, who also holds positions as assistant professor of the practice at BC Law School and in the Carroll School of Management. The program, which is an approved training provider for the U.S. Department of Homeland Security’s National Initiative for Cybersecurity Careers and Studies, aims to prepare professionals to design, develop, and implement cybersecurity strategies that defend against and ensure recovery from cyberattacks and to bridge the communication gap between information technology security professionals and key business stakeholders.
Learn more about the program at the M.S. in Cybersecurity Policy and Governance website.
Patricia Delaney | University Communications | March 2021