Matt Bush, FISM News
At the Boston Conference on Cyber Security on Wednesday, FBI Director Christopher Wray outlined various threats to American citizens, private companies, and infrastructure posed by hackers around the world, many of which are sponsored by foreign entities.
During his speech, Wray shockingly revealed that an Iranian-backed cyberattack targeted a Boston Children’s Hospital in 2020, which if it had been successful could have resulted in the death of multiple children. The threat, which Wray described as “one of the most despicable cyberattacks I’ve seen,” threatened to disrupt services to pediatric patients of the hospital that the U.S. News and World Report has rated the no. 1 children’s hospital in America for seven years in a row.
The attack was stopped by a combination of the FBI Boston field office, hospital staff, and an unspecified intelligence partner. Wray said that after the FBI received a report that the hospital would be targeted, it notified hospital officials immediately and worked together to mitigate the threat.
Wray commented that “quick actions by everyone involved, especially at the hospital, protected both the network and the sick kids who depend on it.”
The details of the thwarted attack were made in a larger context about the threats posed by cyberattacks and ransomware in general and how important cybersecurity is in America. Wray focused on the cyber threats that Russia, China, Iran, and North Korea pose and how each country has different goals and approaches to cyber warfare meaning there is no one-size-fits-all approach to mitigating the threat.
“If malicious cyber actors are going to purposefully cause destruction, or hold data and systems for ransom, they tend to hit us somewhere that’s really going to hurt,” Wray said. In his speech, Wray also revealed that in 2021 there were “ransomware incidents against 14 of the 16 U.S. critical infrastructure sectors, including healthcare, but also many of the other things we depend on.”
According to the Cybersecurity and Infrastructure Security Agency (CISA), hospitals are especially susceptible to cyber-attacks which could potentially result in life-threatening chaos. CBS News reports that when hospitals are targeted its “effects include canceled or delayed surgeries and cancer treatments, closure of several COVID-19 test collection sites, inability to submit radiology imaging, and loss of communication between hospitals in the network.”
The pandemic also amplified issues related to hospitals and medical facilities. John Riggi, the National Adviser for Cybersecurity and Risk for the American Hospital Association, said, “Most facilities were forced to deploy large quantities of network-connected technology in a very short period of time leaving more vulnerabilities for hackers to take advantage of.”
Instances of devastating cyberattacks against civilian and government structures have become a major issue of national security and more advanced security measures will need to continue to grow to meet these threats.
As the U.S. becomes more and more reliant on electronic record-keeping and internet-based storage, cyberattacks will become more and more prevalent. Ryan Ellis of Northeastern University told the Boston Globe, “The basic equation is that more and more of our data is digitized. We rely on common systems; we rely on common software. And when there are vulnerabilities across networks … it can become fairly easy for gangs to operate on economies of scale.”