Last week, U.S. Representative Stephen F. Lynch, Chairman of the Subcommittee on National Security, held a briefing with the Federal Bureau of Investigation (FBI), the Department of Justice (DOJ), and the Cybersecurity and Infrastructure Security Agency (CISA) to examine cyberattacks targeting federal government agencies, non-government organizations, state and local healthcare providers, and medical research institutions during the coronavirus pandemic.
Subcommittee Chairman Lynch issued this statement after the briefing:
“As our nation races to prevent the spread of coronavirus, foreign adversaries and cyber criminals are targeting the very infrastructure that undergirds our national public health response. I am deeply concerned by reports that malicious cyber actors may seek to sabotage or extract critical information from U.S. medical and research institutions, potentially delaying the delivery of life-saving treatments and vaccines. Our national security agencies must be postured to detect, defend, and deter these threats, and Congress has an important role to play to ensure that our federal cybersecurity professionals have the resources they need to achieve that mission.”
The briefing was provided by Mr. Bryan Ware, Assistant Director of the CISA Cybersecurity Division, Ms. Tonya Ugoretz, Deputy Assistant Director of the FBI Cybersecurity Division, and Mr. Adam Hickey, Deputy Assistant Attorney General of the DOJ National Security Division.
- Malicious actors are taking advantage of cyber vulnerabilities in the federal government and private sector. Mr. Ware and Ms. Ugoretz confirmed that malign entities, including cyber criminals and actors affiliated with foreign adversaries, are seeking to take advantage of the coronavirus crisis to exploit cyber vulnerabilities within federal government and private sector networks and systems, including those conducting medical and pharmaceutical research. According to Ms. Ugoretz, “the pandemic created a fertile environment for a whole range of cyber actors to take advantage.”
- CISA is working with federal, local, and private entities to address cyber vulnerabilities. Mr. Ware said CISA has identified and worked to close “thousands of vulnerabilities” across internet-connected devices used by the private sector. CISA has also been able to block 7,000 malicious Internet domains that malign cyber actors have attempted to use as “lures” to collect sensitive information. Mr. Ware also described CISA’s efforts to protect the U.S. coronavirus response by imposing costs on adversaries attempting to interfere in essential activities, ensuring the security of the nation’s digital transformation as public and private entities move online, and working with critical federal, state, local, and private entities to secure the physical and cyber infrastructure of the nation’s medical supply chain.
- FBI has received thousands of complaints about coronavirus-related scams. Ms. Ugoretz stated that the FBI’s Internet Crime Complaint Center has received nearly 10,000 complaints about coronavirus-related scams since the beginning of the pandemic, triple what was typical before the pandemic. She added that the FBI is continuously monitoring, investigating, and responding to attempts by malign cyber actors to exploit the coronavirus pandemic for monetary profit or exfiltrate critical information from networks involved in the U.S. coronavirus response.
On May 5, 2020, Chairman Lynch wrote a letter to the Directors of the FBI and CISA requesting a briefing on the growing and alarming number of cyberattacks targeting federal government agencies and private entities during the coronavirus pandemic.