SAN FRANCISCO – The FBI San Francisco announces an awareness campaign to warn the private sector of the increase in malicious cyber intrusions in organizations of all sizes. The San Francisco Bay Area, including Silicon Valley, remains a target-rich environment for cyberattacks. The FBI encourages organizations to establish proactive relationships with their local FBI office.
The awareness campaign will run from June 1 to September 2, 2022 and will include media appearances, a social media campaign and presentations to local industry groups. The FBI will also participate in the RSA 2022 conference from June 6 to June 9, 2022, at the Moscone Center in San Francisco, California. FBI employees will have a booth on the expo floor and speak at various panels on emerging and persistent cybersecurity threats.
“The FBI can provide businesses with near real-time intelligence, threat trends, and practical advice to bolster a company’s defenses against cybersecurity attacks,” said the FBI’s Special Agent in Charge in San Francisco. Francisco, Sean Ragan. “When a cybersecurity incident occurs, the FBI can respond quickly and effectively to investigate the attack, identify criminal actors, and help businesses mitigate the damage from the intrusion. Cyber risk is business risk, and cyber security is national security. We must all work together to strengthen our nation’s cyber defenses.
Recent trends in malicious cyber activity
The FBI San Francisco has recently seen an increase in the following types of cyber intrusions:
- Ransomware: The FBI has seen ransomware criminal groups cause more destruction and demand larger ransoms in recent years. In some cases, when a company pays a ransom, the criminal group targets it again a few months later. The FBI has also seen ransomware groups operate on a franchise model, where the criminals who create the ransomware variants are willing to sell the code to less sophisticated cybercriminals for easy profit.
- Supply chain attacks: The FBI warns companies that supply chains are increasingly a point of vulnerability for cyber intrusions. A company’s cybersecurity is only as good as the security of its trusted vendors.
- Attacks on Critical Infrastructure: In 2021, US critical infrastructure saw an unprecedented increase in cyberattacks. While nation-state threats remain of concern due to their persistence, sophistication, and potential for destructive intent, cybercriminals deploying ransomware have arguably the most visible direct impact on critical infrastructure of organizations. United States, including hospitals, the energy sector and emergency services.
How the FBI can help with preventative measures
The most important step a business can take to prepare for cybersecurity incidents is to develop a relationship with its local FBI office prior to an intrusion. When the FBI can engage with a company quickly, we can share indicators that help network defenders identify malicious activity and intelligence about what actors have done elsewhere that informs a company’s decision-making during a crisis.
The FBI recommends that all businesses, regardless of size, take these preventative steps in this heightened threat environment:
- If possible, identify your company’s most sensitive information and encrypt it. Hackers often steal this information and attempt to extort companies by threatening to leak it online.
- Make sure your organization has an incident response plan that includes the FBI. Your organization should implement your incident response plan on a regular basis.
- Make sure you have offline backups of critical data.
- When you realize your system is compromised, cyber criminals may have already taken your data. There are several red flags to look for that could indicate a cyberattack, including broken passwords, lots of pop-up ads, unexplained online activity, slow devices, and changed system settings.
- Know if your company has connectivity in Eastern Europe that could lead to additional vulnerabilities.
- If it is compromised, contact the FBI immediately.
What to do after a cyber intrusion
Contact the FBI as soon as you become aware of a cyber intrusion. During a crisis, we can work hand-in-hand with your incident response team in your U.S. office while working with foreign partners to mitigate an attack, develop threat intelligence, understand exfiltration, and inform defensive posture. . If your business suffers a breach, even though it may be new to you, chances are the FBI has seen the hackers before, either firsthand or through our global network.
As a federal law enforcement agency, the FBI can conduct criminal investigations and gather evidence of violations of U.S. computer hacking and espionage laws using criminal court procedures, such as subpoenas to appear, search warrants and wiretaps. This collection provides details that reveal who is compromising our networks, how our adversaries are succeeding, and where they might strike next, all because of the technical clues they leave behind.
Because cyberattacks are a global problem, the FBI has legal attachés in more than 70 U.S. embassies around the world and law enforcement partnerships in each of those countries. The FBI has a global workforce of cybersecurity experts, working closely with a network of foreign law enforcement and intelligence agencies. This means that infrastructure used in foreign countries can be leveraged to develop threat intelligence or mitigate attacks through international agreements and partnerships.
By working with the FBI, you are working to help prevent the actor from victimizing others and potentially re-victimizing you.
FBI – Private Sector Partnership Groups
The FBI shares information with the private sector through individual contacts, cyber threat bulletins, and our many partnerships, including Fortune-1000 companies that belong to the Homeland Security Alliance Council (DSAC) and American critical infrastructure professionals in our national InfraGard program.
The Homeland Security Alliance Council, or DSAC, is a security and intelligence sharing initiative between the FBI, the Department of Homeland Security and the private sector. Established in 2005, DSAC enables an efficient two-way flow of verified information between the FBI and participating members to help prevent, detect, and investigate threats to American businesses and the economic and national security of the United States. For more information, please visit: https://www.dsac.gov/.
InfraGard is a partnership between the FBI and members of the private sector to protect America’s critical infrastructure. Through seamless collaboration, InfraGard connects owners and operators within critical infrastructure to the FBI to provide education, information sharing, networking, and workshops on emerging technologies and threats. InfraGard members include business executives, entrepreneurs, lawyers, security personnel, military and government officials, IT professionals, academics, and state and local law enforcement, all dedicated to bringing industry-specific information and advancing national security. To learn more about InfraGard membership, please visit www.infragard.org. FBI alerts and advisories are delivered directly through the InfraGard platform.
The FBI’s Internet Crime Complaint Center (IC3) also provides industry alerts at https://www.ic3.gov/Home/IndustryAlerts.
Contact the FBI
Contact the FBI’s field office in San Francisco at (415) 553-7400. You can report Internet crimes at www.ic3.gov and other suspicious criminal activity at tips.fbi.gov.
*For media inquiries, please contact the FBI Media Office in San Francisco at email@example.com*