FBI wants to partner with Hawaii businesses, organizations to deter cyberattacks

STAR-ADVERTISER

Steven Merrill

The FBI Honolulu Division special agent in charge says China and Russia pose the greatest cyberattack threats

The Federal Bureau of Investigation wants to partner with Hawaii businesses as part of a nationwide effort to combat the cyberthreat posed by China and other actors working to undermine the U.S. economy and compromise critical infrastructure.

Delivering remarks to reporters Wednesday, FBI Honolulu Division Special Agent in Charge Steven Merrill said agents are focused on the “increasing urgency” for companies and organizations to work with the FBI against cyberthreats.

The bad guys in cyberspace are often a “blended threat” and it is difficult to discern where criminal activity ends and “nation state activity begins,” he said.

“For instance, the Chinese government runs the most active cybertheft ring in the world and they are just as focused on stealing U.S. business secrets as U.S. national security secrets,” Merrill said. “Essentially their strategy for catching up to the United States economically and as a global power has been to lie, cheat and steal at every opportunity. They have a massive sophisticated cybertheft program conducting more cyber intrusions than all other nations in the world combined.”

While China and Russia pose the greatest espionage and cyberattack threats, Merrill told the Honolulu Star-Advertiser that the FBI anticipates that “all our adversaries and strategic competitors” will increasingly build and integrate cyber espionage, attack and influence capabilities into their efforts to influence U.S. policies and advance their own national security interests.

The FBI is opening a new China-related counterintelligence case nearly every 10 hours, according to the bureau, and of the roughly 5,000 active FBI counterintelligence cases being worked by field offices across the country, almost half are related to China. The Chinese government uses hacking to steal corporate and personal data from American companies and individuals, and employs military and nonstate hackers to do the work, according to the U.S. Department of Justice.

Don't miss out on what's happening!

Stay in touch with top news, as it happens, conveniently in your email inbox. It's FREE!

By clicking to sign up, you agree to Star-Advertiser's and Google's Terms of Service and Privacy Policy. This form is protected by reCAPTCHA.

Merrill’s statements came six days after FBI Director Christopher Wray mentioned the threat posed by China at the start of his briefing to the U.S. Senate Committee on the Judiciary. The counterintelligence and economic espionage efforts by China are a “grave threat” to the country’s health and democratic values, according to the FBI, and combating this threat is the bureau’s top counterintelligence priority.

Wray made clear July 7 that the Chinese people and Chinese Americans are not the focus of federal law enforcement efforts. The government of China and the Chinese Communist Party are the focus of those efforts. The “greatest long-term threat” to U.S. information and intellectual property and economic health is the counterintelligence and economic espionage threat from China, according to Wray.

“Each and every day, the men and women of the FBI are taking on the Chinese government’s broad-scale economic espionage campaign targeting our ideas, our innovation, our economic security,” Wray told the committee Aug. 4. “They’re working with our government, foreign and private sector partners to meet the danger from cyber actors, including fighting the scourge of ransomware attacks against U.S. businesses and critical infrastructure.”

Ryan Ozawa, a Hawaii technologist and author of one of the weekly Star-Advertiser Tech View columns, told the newspaper “it’s a given that cyberattacks rain down on Hawaii businesses, networks and infrastructure on a daily basis.”

“Much of it is automated and easily mitigated, but there are definitely concerted, focused efforts intent on infiltrating or disrupting things here,” Ozawa said. “According to at least a few cybersecurity experts I’ve worked with, many of the largest systems in Hawaii have been compromised more than once, and some remain vulnerable even after being patched.”

Hawaii’s geography puts local businesses and organizations in the “cyberwarfare bull’s-eye,” said Ozawa, and despite the reality of communication connections shifting away from undersea cables, the islands are still a hub of strategic military activity and intelligence.

“Let’s not forget that Edward Snowden was based here. There was an attempt earlier this year to hack a major telecom cable through a local company’s systems. We’ve been home to more than our fair share of Chinese spies and compromised officials over the years,” Ozawa said. “I think it’s fair to think that the frequency and intensity of attacks can coincide with international and global incidents — from the Russian invasion in Ukraine to Speaker Nancy Pelosi’s visit to Taiwan. Cyberattacks are low risk and potentially high return for both government and independent actors.”

The “vast majority of activity is focused on pretty conventional methods and targets” like phishing employees to steal information or demand a ransom for its return, Ozawa said. But targets like utilities, broadband service providers and most definitely military assets and facilities are always under attack.

Mark Wong, Honolulu’s chief information officer, told the Star-Advertiser that phishing emails are among the most common cyber intrusion efforts the city experiences. The emails, sent under the guise of a legitimate business or opportunity, lead to the download or execution of malware, he said, and through education and detection Wong’s department is “quite successful in thwarting these types of attacks.”

“We see a lot of emails disguised as coming from city employees, but these are clearly flagged as suspicious and are generally deleted by the recipient,” Wong said. “Another type of attack is based on attempts to take advantage of vulnerabilities in systems. The city intentionally launches the same type of attacks to address any preventable weaknesses.

Vulnerabilities to the city system or any network can generally be related to human behavior, weak authentication, obsolete or poorly configured hardware, and unsecured software, according to Wong.

“Mayor (Rick) Blangiardi, the administration, and the City Council have made it a priority to address cybersecurity. Cyberattacks are a constant and rapidly-evolving threat, and adequate funding is essential to combat attacks and to be able to restore compromised services,” Wong said.

Jodi Ito, chief information security officer for the University of Hawaii system, told the Star-Advertiser that additional challenges arise when trying to secure a “highly decentralized” network spread amid campuses scattered across the state.

The university has to balance protecting confidential personal and financial information of students, faculty and staff with the highly regulated data and information used by researchers that are often subject to local, national and international laws. That type of data and information is protected with a much more stringent set of policies and procedures, Ito said. Since 2010, a “robust security” effort has been employed to keep up with the ever-changing tactics of cybercriminals.

In addition to phishing emails, the university sees a lot of attempts by hackers harvesting passwords made public on the dark web or exposed elsewhere to gain access to the network. The university also finds cyber intruders scanning networks looking for unpatched vulnerabilities.

“We do have minimum security standards based on the type of data being used,” Ito said. “Pretty much every single type of attack that is public we see. Not that they are successful all the time, but they do try it.”