Texas Border Business
FBI Director Christopher Wray described the Bureau’s aggressive efforts to counter cyber threats and go after attackers in an April 4 speech at a conference of leading cybersecurity experts.
The Director said “joint, sequenced operations” with the FBI’s domestic and international partners are helping the Bureau counter ever-evolving cyber threats, including ransomware, and to take down cybercriminal groups.
“We use a wealth of hard-earned experience to design operations to hit them everywhere it hurts, and put them down, hard,” Wray said at the FBI and University of Kansas Cybersecurity Conference. “We’re developing all these operations based on decades of experience battling nation-state and criminal threats across high- and low-tech domains.”
The conference brings together U.S. experts in cybersecurity who present research, analysis, and best practices in the field.
In his remarks, Director Wray said the FBI works to strategically dismantle cybercriminal groups, piece by piece, by targeting the following:
- Ransomware administrators, affiliates, and facilitators;
- Cybercriminal group “infrastructure—like their servers and botnets;” and
- The cryptocurrency wallets cybercriminals use to “stash their ill-gotten gains, hire associates, and lease infrastructure”
During his remarks, Wray also noted that hostile nation-states—such as China, Russia, Iran, and the Democratic People’s Republic of Korea—are increasingly using “cyber operations” to meet their strategic goals and undermine the United States. These adversaries are “growing stealthier,” he said, and are always devising fresh methods to make their cyber operations more far-reaching and impactful.
But the FBI is fighting back against the slew of cyber threats our nation faces by conducting joint operations with partners, he said. Wray spotlighted successes including:
- An operation we undertook alongside partners from more than six countries that made the Russian Federal Security Service’s Snake malware essentially self-destruct
- The FBI’s collaboration with our European partners to lawfully compromise the Hive ransomware group’s “command and control network,” take control of and shutter its websites and servers, and devise “a decryption capability” that spared victims from having to pay “tens of millions” of dollars worth of ransoms
- The FBI’s joint effort with law enforcement partners in 12 countries to take down the Genesis Market, which Wray called “our biggest takedown ever of criminals dealing in stolen digital credentials”
- The eviction of Russian military intelligence from more than 1,000 wireless internet routers and revocation of its access to a botnet it’d used to conduct cyber operations against multiple nations, including the U.S.—a collaborative effort between the FBI and our domestic and international law enforcement partners
- The February 2024 disruption of the LockBit ransomware group’s infrastructure and seizure of its U.S.-based servers via an operation conducted “among 10 countries.”
Wray said the FBI has also engaged in “a steady stream of operations” against the Chinese military and the nation’s intelligence services.
“As you’d expect, given that China wields a bigger hacking program than those of every major nation combined, we’re confronting them across the country and around the world, literally every day,” Wray said.
He also discussed the FBI’s Model Cyber Squad initiative, which looks to eventually equip each of the Bureau’s 56 field offices with at least one interdisciplinary team dedicating to detecting and deterring cyber threats.
Each Model Cyber Squad consists of about 12 FBI personnel, including special agents, intelligence analysts, and additional experts such as computer scientists and data analysts—”the perfect blend of investigative, technical, and analytical know-how to both identify cyber threats and take them down—Wray said.
These squads will help us focus on responding to cyber incidents, assisting victims, and outpacing malign efforts by foreign adversaries and other bad cyber actors, he added.
Finally, he encouraged the students in attendance to considering cyber careers with the FBI, since Bureau needs more technical experts to help us stay ahead of such threats.
He emphasized the wide range of ways budding cyber minds could help support the FBI’s efforts in this arena, including by:
- Planning and executing the “joint, sequenced operations” of tomorrow
- Serving on a Cyber Action Team
- Working with victims
- Otherwise assisting with cyber incident response here at home or overseas
“For years, the Bureau has been laser-focused on hitting as many adversaries as we can and on getting the most bang for our buck out of every operation,” he said, “but with the cyber threat growing increasingly severe and complex, we’ve got both the room, and the need, to grow. So I hope some of you will apply to join us.”