Washington – Iranian-backed hackers launched an unsuccessful cyberattack on Boston Children’s Hospital in the summer of 2021, FBI Director Christopher Wray revealed on Wednesday.
Speaking at a cybersecurity conference hosted by Boston College, Wray said that when the FBI was alerted to malicious activity by an “intelligence partner”, agents from the Boston field office ” ran” to identify and mitigate the threat.
The foiled attack, which could have involved a series of threats – a system-wide shutdown that could have affected the care of children who were patients in hospital or ransom demands – was planned by hackers which have been deemed an “advanced persistent threat” by the bureau and linked to Iran, according to a government official familiar with the matter.
Iran’s hack attempt was “one of the most despicable cyberattacks I’ve seen,” Wray said, adding that “the swift actions of everyone involved, especially at the hospital, have protected both the network and the sick children who depend on it”.
The FBI had very little time to defend against the attack, according to a government official familiar with the matter, but the FBI was in contact with the children’s hospital shortly after being alerted.
Working with the FBI and its own cybersecurity division, Boston Children’s was able to thwart the attack. A senior government official said investigators were unaware of any hacker entries into the hospital’s computers.
Wray told attendees of the webconference that the FBI’s quick work and partnership with the hospital speaks to the importance between the private sector and federal investigators in stopping malicious and often state-sponsored cyberattacks.
“Thanks to the FBI and our staff at Boston Children’s Hospital working so closely together, we proactively thwarted the threat to our network,” the hospital said in a written statement.
Ransomware attacks have alsoaccording to the Cybersecurity and Infrastructure Security Agency (CISA).
Analysis released by CISA last October found a troubling relationship between cybersecurity intrusions and loss of life, particularly among hospitals that have met “crisis care standards” in constrained states. to ration resources after filling up intensive care beds amid the pandemic.
The attacks also complicate long-term patient care, as hospital staff are required to spend “more time tracking a patient’s medical history”.
“Downstream effects include canceled or delayed surgeries and cancer treatments, closure of multiple COVID-19 test collection sites, inability to submit X-ray images, and loss of communication between network hospitals” , says the report. “It forced the diversion of critical patients, the keeping of paper records and the suspension of care for high-risk patients.”
The intention of the hackers remains unclear.
In March, Wray called out hackers linked to the Iranian government for launching a cyberattack on a children’s hospital. But in a major reveal on Wednesday, the FBI director revealed the hospital was Boston Children’s on Wednesday.