The third-annual Cyber Security Conference at Boston College featured a keynote from FBI Deputy Director David Bowdich, followed by multiple panel discussions with experts from across the cybersecurity landscape—FBI agents; lawyers specializing in cyber law; and representatives from the NSA, department of homeland security, the IRS, and former members of the White House’s National Security Council.
The day-long conference kicked off with opening remarks from Kevin Powers, the founding director of the Woods College of Advancing Studies’ masters program in Cybersecurity Policy and Governance, and David Goodman, interim dean of the Woods College. Powers’ program is what brings experts in the field from across the country to Chestnut Hill, and Goodman serves as one of the co-chairs of the conference.
The dean’s brief remarks concentrated on why, philosophically, the 21st century has changed the way humans consider interaction with everything—technological advances have altered the basic premise of how communication takes place and how human identities evolve.
He also announced that the cyber program at BC will see redefinition in the coming months in order to expand possible capacities in terms of course offerings, specifically online ones, that is intended to bring in more students who are interested in cyber at BC beyond the Boston area.
Goodman then introduced Joseph Bonavolonta, special agent in charge of the Boston field office for the FBI. Bonavolonta centered his remarks around how his career has been personally affected by cyber threats. During his time as the assistant special agent in the FBI’s Boston division, he headed up counterintelligence and cyber work. Eventually, Bonavolonta went on to help establish the first foreign influence task force while deputy assistant director in the FBI’s counterintelligence division in New York.
Over the years, according to Bonavolonta, the importance of concentrating on cyber threats as a part of defending the United States has become more and more important. Bonavolonta noted that he “saw firsthand” how cyber can be used as a tool to destabilize democratic institutions.
“Over the past decade, cyber attacks have escalated at scale, they’ve expanded across all critical infrastructure at an alarming rate,” he said.
Bonavolonta was quick to point out that cyber attacks escalating “at scale” often prompts discussion surrounding cyber threats that focus on large-scale intrusions carried out by “nation state actors,” but he is just as concerned about what he referred to as “blended threats.” In blended threat cases, nation state actors—rather than working on a large scale—work with individual criminals or criminal organizations at a smaller scale to target the United States.
Such attacks can expose trade secrets, government secrets, information pertaining to people’s’ identities, and intellectual property theft, according to Bonavolonta. To bring home the point that the FBI is interested in more than large-scale intrusions, the special agent noted that on three different occasions within the last 18 months, the Boston division has partnered with the U.S. Attorney’s office to bring individuals to justice for cyber crimes.
A cyber predator was sentenced to 17 years in prison after waging cyber stalking campaigns and making more than 120 bomb threats to area schools; a hacker was sentenced to 10 years in prison for hacking into the Boston Children’s Hospital’s computer network—disrupting its systems for days—and a second cyber stalker was sent to prison for three years after pleading guilty to stalking three women, according to Bonavolonta.
The prevalence of cyber incidents in Boston alone, Bonavolonta said, makes conversations about cyber and emphasis on the field so important to him—more than 9,800 of the 14,000 cyber crime incidents reported last year were lodged in Massachusetts. Bonavolonta closed by saying that he believes opening up dialogue between institutions affected by cyber crime, government agencies, and private sector groups concerned with providing security makes for a much brighter online future.
BC’s Executive Vice President Michael Lochhead was next to take the podium. He said that though BC is not nationally known for its military research, he takes pride in the fact that the University does do work he considers “cutting edge.” In addition, cyber threats are a matter that Lochhead said should hit close to home with every college, noting that BC owns and manages private and sensitive data that could be valuable to outside entities with bad intentions.
He then introduced Bowdich, who replaced Andrew McCabe as the FBI’s deputy director in 2018 after his predecessor was fired, among some controversy, by former Attorney General Jeff Sessions.
Bowdich noted that Boston was an apt home for a cyber security conference, given the academic institutions and private sector corporations which hold valuable information throughout the state.
He emphasized throughout his remarks that he sees cyber threats through the same lens he looks at any other major threat that could put America at risk. That means that although cyber security is its own division within the FBI, the information and threat intelligence that the division sends up the ladder to Bowdich carries the same high level of importance as all threats to the United States, according to the deputy director.
Bowdich specifically emphasized the importance of hiring and retaining employees with cyber expertise.
“This is something that we are struggling with, not just in the FBI, but throughout the U.S. government,” he said. “Making sure that we’re able to hire enough true cyber expertise so that these experts can work in this field and … chase those who are hacking into our networks and pilfer our information.”
Bowdich did note that the increasing difficulty and complexity of cyber attacks is constantly evolving and poses a major danger to U.S. institutions. But internal threats can also lead to significant threats to companies and the country as a whole, according to Bowdich, because without proper training, employees can be negligent in how they take care of information.
He reiterated, as prior keynote speakers former FBI Director James Comey and current FBI Director Christopher Wray did, that cyber security issues are an “if, not when” matter, meaning that attacks are always on the horizon and proper security requires consistent and evolving vigilance.
Along those lines, after a successful attack has taken place, Bowdich said that immediate action and partnership between the FBI and victims of cyber threats is mandatory to in order to bring cyber criminals to justice. He cited his experience working with Sony after the infamous “Sony Pictures Hack” that took place before the movie The Interview was released as an example of a time a corporation was ready to work with the FBI to identify where the threat came from.
Bowdich identified Russia, China, North Korea, and Iran—not necessarily in that order—as the nation state actors providing the greatest threat to the United States.
“All are intent on stealing our [intellectual property], our secrets, and our national security information,” he said.
He then explained that one of the ways the FBI can prosecute cyber criminals is just by issuing indictments of criminals based overseas. Bowdich noted that he’s often asked why the FBI takes the time to do such a thing, since it appears to just be a formality—an indictment of a foreign actor can go completely ignored. But Bowdich said that there are multiple examples of such indictments, although basic, leading to extradition and prosecution of cyber criminals.
He specifically noted that a recent example of an indictment issued comes in the form of two cyber criminals who the FBI alleges have “acted in association” with China’s Ministry of State Security through wire fraud, aggravated identity theft, and conspiracy. Now, those two criminals will have their travel restricted and could lead to extradition if the alleged perpetrators slip up. Bowdich said that, even though indictments on foreign actors do not guarantee that every cyber criminal is going to get extradited, it’s treated as a serious technique that can and has brought criminals to justice.
Indictments serve as a way for the United States to, regardless of whether extradition takes place, lodge its discontent with any criminal activity—and specifically criminal activity that poses a threat to national security, according to Bowdich.
“We know that we’re never going to be able to indict them all, but if we don’t indict some we’re essentially providing tacit approval,” he said.
The FBI also uses Cyber Action Teams (CAT) to respond to major cyber incidents—a rapid response team that Bowdich compared to the cyber version of a SWAT team. Each of the 56 FBI field offices has its own CAT team, according to Bowdich. The FBI deploys cyber attachés in 20 nations across the globe as well to deal work with international organizations on cyber issues.
The deputy director went on to expand further on the threat China poses to the United States, due to the complexity of dealing with cyber crime committed by citizens of one of America’s closest trading partners.
“We need [China] in many respects,” he said. “At the same time, they are very much an adversary in the way that they pilfer out data and intrude on our networks each and every day. The threats are persistent, they are deliberate, and they are extremely patient.”
Bowdich explained that his understanding of the situation is that in China’s quest to become the world’s next superpower, the country is adopting non-traditional methods to attain information in its quest to increase its authority on the world stage. Cyber crime from China varies, but includes intrusions into corporate accounting, acquisitions, and supply chain management, where foreign actors can find vulnerabilities that can move back up the chain of corporate command and lead to an even larger and potentially more dangerous breach.
Bowdich said that China has a 20 to 50-year plan to mine more data, and Bowdich admitted that it’s difficult for government agencies to create three to seven-year plans to fight back against data theft and other cyber crime due to the rapid evolution of technology in the digital age. The solution, again, is open communication between government agencies and the private sector, specifically within the data security landscape, according to Bowdich. Collaboration between different agencies and different corporations is the only way to fight back against foreign actors, the deputy director said.
Russia, according to Bowdich, is a “tenacious adversary, never to be underestimated.”
“Russia uses the same old playbook,” he said. “They’ve been using it for decades. Their goal is to chip away at the credibility of the U.S. democracy. It is to create dissent and dissension inside our democracy.”
Bowdich pointed to the indictments the Special Counsel’s Office handed 12 Russian nationals in July 2018 as a publicly available example of the types of cyber strategies Russia is employing. He noted that Russia has evolved from joining groups covertly to using social media to wage the same type of information warfare the country has waged on U.S. soil in the past.
“Russia is fighting today’s fight, China is fighting tomorrow’s fight,” Bowdich said.
Bowdich closed his remarks by detailing multiple successful operations the FBI has executed in past years pertaining to cyber crime, explaining that, ultimately, the U.S. government has been able to develop strategies that have made the cyber world a safer place, despite the rapid evolution of technological threats.
“So what are we doing about it? Again, the cyber threat is as much about people as it is about technology, behavior, … identifying those vulnerabilities, having a strategy—not just to mitigate after the fact but to try to stay ahead of them,” he said. “To be effective, our adversarial actors, whether they’re criminal or nation state, they have to have the intent, the capability, and the opportunity—that’s the key—they have to have the opportunity to get where they want to go.”
Photo Courtesy of University Communications / Lee Pellegrini