U.S. Rep. Stephen Lynch (D-MA) met with officials from the Federal Bureau of Investigation (FBI), the Department of Justice (DOJ), and the Cybersecurity and Infrastructure Security Agency (CISA) to examine cyberattacks during the COVID-19 pandemic.
The attacks have been targeting federal government agencies, non-government organizations, state and local healthcare providers, and medical research institutions during the coronavirus pandemic, said Lynch, chairman of the House Subcommittee on National Security. The briefing was held with Bryan Ware, assistant director of the CISA Cybersecurity Division, Tonya Ugoretz, deputy assistant director of the FBI Cybersecurity Division, and Adam Hickey, deputy assistant attorney general of the DOJ National Security Division.
“As our nation races to prevent the spread of coronavirus, foreign adversaries and cybercriminals are targeting the very infrastructure that undergirds our national public health response,” Lynch said. “I am deeply concerned by reports that malicious cyber actors may seek to sabotage or extract critical information from U.S. medical and research institutions, potentially delaying the delivery of life-saving treatments and vaccines. Our national security agencies must be postured to detect, defend, and deter these threats, and Congress has an important role to play to ensure that our federal cybersecurity professionals have the resources they need to achieve that mission.”
Ware and Ugoretz confirmed that malign entities, including cybercriminals and actors affiliated with foreign adversaries, are seeking to exploit cyber vulnerabilities within federal government and private sector networks and systems. This includes those conducting medical and pharmaceutical research.
“The pandemic created a fertile environment for a whole range of cyber actors to take advantage,” Ugoretz said.
Ware added that CISA has identified and worked to close “thousands of vulnerabilities” across internet-connected devices used by the private sector. Specifically, CISA has been able to block 7,000 malicious Internet domains that malign cyber actors have attempted to use as “lures” to collect sensitive information.
Further, Ugoretz said that the FBI’s Internet Crime Complaint Center has received nearly 10,000 complaints about coronavirus-related scams since the beginning of the pandemic. This is triple the amount that was occurring before the pandemic. She said the FBI is continuously monitoring, investigating, and responding to attempts by malign cyber actors to exploit the coronavirus pandemic for monetary profit or critical information.