Experts Discuss Cyber Risk, From Law Enforcement to Insurance Claims
To combat cyber activity, law enforcement agencies in the United States and abroad interact to exchange information about their cyber adversaries. The FBI maintains 56 field offices, each with a multiagency cyber task force manned with investigators, special agents, intelligence analysts, digital forensic technicians, and more, all with a focus on helping victims of cybercrime. These offices work with the Intelligence Community, the National Cyber Investigative Joint Task Force, and cyber assistant legal attachés to protect national security against cyber threats worldwide.
These agencies share intelligence information to keep the United States safe from cyber threats, and they also aim to develop relationships with private sector companies to share information about cyber activity before an attack occurs. Therefore, it’s important for the agencies to develop relationships with companies in the private sector. The agencies can deploy their cyber action teams within hours, domestically and globally, to assist companies onsite when a major incident or attack does happen.
“If … a private sector company is about to get hit by a ransomware attack or by any other type of intrusion, we want to get out there immediately and let that victim know how they can best mitigate that attack,” said Scott. “We only can do that if we have the relationship built, and the better we do that ahead of time, the stronger those relationships are.”
As a success story, Scott discussed how the agencies worked as a team and shared information to take down the HIVE ransomware group. Hive was a ransomware variant that was a threat worldwide. In July 2022, the team gained persistent access to Hive’s control panel, which enabled the team to get the decryption key. Having that, the team was able to reach out and provide assistance to victims as they were being victimized by Hive. They responded to 1,500 victims in 48 states and 88 countries, preventing an estimated loss of $130 million to victims.
The FBI had always estimated that only 20% to 25% of cyber victims report a cyber incident. As a result of the team’s interaction with Hive victims, the FBI was able to substantiate that percentage.
