WASHINGTON (AP) – The FBI has thwarted a planned cyber attack on a children’s hospital in Boston, which was to be carried out by hackers sponsored by the Iranian government, FBI Director Christopher Ray said on Wednesday.
Ray told a cybersecurity conference at Boston College that his agents had learned of the planned digital attack from an unidentified intelligence partner and had received information from Boston Children’s Hospital last summer to block what would be ” one of the most heinous cyberattacks I’ve ever seen. ”
“And the prompt action of everyone involved, especially the hospital, protected both the network and the sick children who depended on it,” Ray said.
The FBI chief told the anecdote in a broader speech about cyber threats from Russia, China and Iran and the need for partnerships between the US government and the private sector.
He said the Boston office and children’s hospital worked closely together after a hacktivist attacked the hospital’s computer network in 2014. Martin Gottesfeld launched a cyber attack on the hospital to protest teen care at the center of a high-profile custody battle; Gottesfeld was later sentenced to 10 years in prison. The attack on the hospital and medical center cost the facility tens of thousands of dollars and interrupted operations for days.
“The children’s and our Boston office already knew each other well – before the attack in Iran – and that made a difference,” Ray said.
He did not attribute a specific motive to the planned attack on the hospital, but noted that Iran and other countries are hiring cyber mercenaries to carry out attacks on their behalf. In addition, the health and public health sectors are classified by the US government as one of the 16 critical infrastructure sectors, and health care providers such as hospitals are considered mature targets for hackers.
As for Russia, he said, the FBI is “vying” to warn of potential targets for preparatory actions that hackers are taking for destructive attacks. In March, for example, the FBI warned that it was seeing increased interest from hackers in energy companies since Russia’s war against Ukraine.
Hackers in China have stolen more corporate and personal data from people in the United States than all other nations combined, as part of a broader geopolitical goal of “lying, cheating and stealing a path in the global denomination of global sectors,” Ray said.
The speech came as the FBI continued to fight ransomware attacks by criminal gangs, a continuing concern for U.S. officials despite the lack of crippling raids in recent months.
Ray stressed the need for private companies to work with the FBI to thwart ransom gangs and nation-wide hackers.
“What these partnerships allow us to do is hit our opponents everywhere, from victims ‘networks to back to hackers’ own computers,” Ray said.
The FBI and other federal agencies are working to reassure victims of hacking that it is in their best interest to report intrusions and cybercrime. Many companies attacked by ransomware gangs often do not turn to the FBI for various reasons.
Ohio Sen. Rob Portman, a senior Republican on the Senate Homeland Security and Government Committee, released a report this year criticizing the FBI’s response to some victims of ransom software. In two cases, the FBI “prioritized its investigative and prosecutorial efforts to suspend the attackers ‘operations over the victims’ need to protect their data and mitigate the damage,” the report said.
An unnamed Fortune 500 company told commission officials that the FBI had not offered any “help” in responding to a ransomware attack.
However, Ray cites the FBI’s ability to get a technically trained agent to every victim of a company in an hour – “and we use it a lot.”
___
Sutherman reported from Richmond, Virginia.
___
Follow Eric Tucker on Twitter at
Add Comment