Iran was behind last year’s “despicable” cyberattack attempt on a children’s hospital in Boston, the FBI says.
Bureau chief Christopher Wray fingered the authoritarian state at a cybersecurity conference in the Massachusetts capital on Wednesday, during an address in which he summarized the threats posed by it and other nations including Russia and China.
“In the summer of 2021, hackers sponsored by the Iranian government tried to conduct one of the most despicable cyberattacks I’ve seen when they decided to go after Boston Children’s Hospital,” he said.
“We got a report from one of our intelligence partners indicating Boston Children’s was about to be targeted,” he added. “Our folks got the hospital’s team the information they needed to stop the danger right away. Quick actions by everyone involved, especially at the hospital, protected both the network and the sick kids who depend on it.”
Wray did not provide the conference with hard evidence to substantiate the claim, but experts in the field have provided a rationale for why state-backed threat actors might choose such soft targets.
“The first question when looking at the recent rise of healthcare threats is ‘why?,’” said Benny Czarny, head and founder of cybersecurity firm Opswat, “and it’s a fairly simple answer. Regardless of the threat actor, patient and insurance data and massive disruption are at the core of what they’re after.”
And cash-strapped hospitals presented malicious hackers with attack vectors that could be all too easily exploited, he added.
“Healthcare systems deal with a vast network of providers, referral networks, insurers, and more - providing multiple access points to digital patient data,” he said. “In an environment where healthcare costs are exorbitant, staff reduction and cuts in software spending can have an impact on systems not being patched. Coupled with these vulnerabilities are the challenges of managing a multi-vendor environment where patient data is shared across networks and systems.”
The greatest threat of all
Wray also told the conference that while the FBI was on “combat tempo” and “laser-focused” on Russia since its invasion of Ukraine, it believed China posed a far greater long-term cyber-threat.
“We’ve seen the Russian government taking specific preparatory steps towards potential destructive attacks, here and abroad,” he said. “We’re racing out to potential targets to warn them about the looming threat, giving them technical indicators they can use to protect themselves. And we’re moving rapidly to disrupt Russian activity.”
But he added: “China is clearly a very different threat than Russia. The Chinese government is methodical, hacking in support of long-term economic goals. China operates on a scale Russia doesn’t come close to. They’ve stolen more American personal and corporate data than all nations combined.”
“China’s economy also gives it leverage and tools that Russia lacks,” he said. “For many US and foreign companies doing business in China, the cost effectively amounts to a blanket consent to state surveillance in the name of security at best.
“At worst, they’ve got to accept the risk that their sensitive information may be co-opted to serve Beijing’s geopolitical goals.”
More from Cybernews:
Subscribe to our newsletter