FBI Boston Urges Cybersecurity Awareness, Releases Public Service Announcement with Moderna Encouraging the Private Sector to Partner with the FBI
The Boston Division of the Federal Bureau of Investigation (FBI) is engaged in a cybersecurity awareness campaign to warn government, academic, and private sector organizations in our region about continued cyber threats.
As the home of many Fortune 500 companies, defense contractors, startups, colleges and universities, many of which have renowned research and development facilities, New England is a target-rich environment for cyberattacks. The FBI is inviting organizations of all sizes to partner with it before a cyber incident occurs.
In a public service announcement released today, FBI Boston teamed up with Moderna to highlight the need for a strong, bilateral relationship in guarding against multi-faceted cyber criminal syndicates and nation state actors.
“The first step towards protecting yourself from cyber incidents is to develop a relationship with the FBI. Doing so enables you to identify who to call in the event you do suffer a cyber incident, granting quick and efficient access to our rich network of resources,” said Joseph R. Bonavolonta, Special Agent in Charge of the FBI Boston Division. “Cybersecurity is national security, and by working together and reporting these incidents to us, you are working to help prevent these bad actors from victimizing others, and potentially from re-victimizing you.”
Dean Geribo, Vice President of Global Security for Moderna, added, “Both as part of Operation Warp Speed and our daily operations, we at Moderna have fostered a strong, bilateral relationship with the FBI and we encourage you to do the same. To be frank, FBI Boston is critical in ensuring our safe and continued operations, now and into the future. Not reporting an incident may not only create barriers to a full understanding of the threat but could also prevent discovery of evidence leading to the identification of threat actors, and the ability to hold them accountable.”
Last year, according to the FBI’s Internet Crime Complaint Center, Americans reported losing $7 billion to cybercriminals. Here in FBI Boston’s area of responsibility, which includes all of Maine, Massachusetts, New Hampshire, and Rhode Island, almost 15,000 victims reported losses of more than $184 million, which is a 54% increase from the previous year. The $184 million does not include the costs of data breaches and leaks, lost productivity, loss of intellectual property, disruption to business, and reputational harm to the victims.
FBI Boston has seen recent increases in the following types of cyber intrusions:
- Ransomware: Cybercriminals and nation-state actors breach private networks, deploy ransomware to encrypt victims’ data, and then demand ransom payments to unlock the encrypted data. When a ransomware incident occurs, swift communication with the FBI can positively impact data recovery efforts. The FBI does not recommend victims pay ransoms because it encourages more criminal activity and does not guarantee they’ll get their data back. Last year, over 145 ransomware infections were reported by victims in FBI Boston’s area of responsibility which represents an 85% increase from the previous year, and we know the actual rate of infection is much higher than what is reported. One company in our area paid a $5.2 million ransom and incurred additional costs for remediation.
- Critical Infrastructure Attacks: The private sector controls most of the country’s critical infrastructure, intellectual property, and personal data, making large corporations and small businesses frequent targets of cyberattacks. Last year, America’s critical infrastructure experienced an unprecedented increase in cyberattacks. While nation-state threats remain the most significant threat to critical infrastructure because of their persistence, sophistication, and potential for destructive intent, ransomware attacks by cybercriminals have also targeted U.S. critical infrastructure, including emergency services, hospitals, and the energy sector. In the summer of 2021, hackers sponsored by the Iranian government tried to conduct a cyberattack on Boston Children’s Hospital. Due to a pre-existing relationship, the FBI was able to help them identify and mitigate the threat quickly.
- Supply Chain Attacks: A business’s cybersecurity is only as strong as that of its trusted vendors. Supply chains are increasingly a point of vulnerability for computer intrusions.
As the only U.S. government agency with both law enforcement and intelligence capabilities, the FBI is uniquely situated to support victims through our network of domestic and foreign counterparts and private sector partners.
When a victim reports a compromise, FBI cyber experts help pinpoint malicious cyber activity, share intelligence to help leaders make decisions during a crisis, and help prevent more damage. Our experts work with victims to arrest and prosecute cybercriminals as well as target the infrastructure the criminals used to conduct their attacks to prevent them from continuing to inflict damage. The FBI also has specialty teams whose aim is to freeze and seize the money cybercriminals steal from their victims.
Companies and organizations in Maine, Massachusetts, New Hampshire, and Rhode Island can call 857-386-2000 to connect with FBI Boston cyber squads or to report compromises. You can also report Internet crimes at ic3.gov and other suspicious criminal activity at tips.fbi.gov.
Additionally, the FBI shares information with the private sector through one-on-one outreach, cyber threat bulletins, and through many partnerships including the Domestic Security Alliance Council (DSAC) and InfraGard.
The Domestic Security Alliance Council, or DSAC, is a security and intelligence-sharing initiative between the FBI, Department of Homeland Security, and the private sector. Created in 2005, DSAC enables an effective two-way flow of vetted information between the FBI and participating members to help prevent, detect, and investigate threats impacting American businesses and U.S. economic and national security. For more information, please visit dsac.gov.
InfraGard is a partnership between the FBI and members of the private sector to protect U.S. critical infrastructure. It connects owners and operators within critical infrastructure to the FBI to provide education, information sharing, networking, and workshops on emerging technologies and threats. InfraGard’s membership includes business executives, entrepreneurs, lawyers, security personnel, military and government officials, IT professionals, academia, and state and local law enforcement—all dedicated to contributing industry-specific insight and advancing national security. To learn more about joining InfraGard, please visit infragard.org. FBI alerts and advisories are provided directly through the InfraGard platform.
In addition to partnering with the FBI, companies should also take the following preventive steps:
- Update and patch operating systems and software.
- Implement robust access controls, especially for privileged users.
- Monitor security logs.
- Audit trusted third parties or others with access to systems and sensitive data.
- Require personnel to choose a strong, unique password for each account and use multifactor authentication for as many services as possible. Passwords should be changed regularly.
- Educate personnel about phishing schemes to highlight the risks of clicking on suspicious links, opening suspicious attachments, and visiting suspicious websites.
- Keep offline backups of data, and regularly test backup and restoration capabilities. Ensure all backup data is encrypted and immutable.
- Keep up to date with our industry alerts on ic3.gov.
- Develop a cybersecurity incident response plan that includes the FBI. If compromised, contact the FBI immediately.
- If you believe someone has compromised your systems, beware of signs of compromises such as broken passwords, myriad pop-ups, slow-running devices, altered system settings, or unexplained online activity.