US Department of Justice—Federal Bureau of Investigation (FBI): The New FBI Critical Infrastructure Cybersecurity Initiative
Presented by Ann Curran, Unit Chief, FBI Cyber Division
Ann Curran, Unit Chief for the FBI Cyber Division, spoke on the topic of promoting critical infrastructure security in the age of ever-increasing cyber threats. Curran leads a team at the FBI that focuses on cyber threats to operational technology which mainly impacts Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems that survey machines and processes at an industrial level.
The focal point was on protecting critical infrastructure as cyber-attacks become more frequent and advanced. In relation to the water and wastewater industry, Curran highlighted some of the key steps the FBI is taking to protect utilities. The first action was active monitoring of threats to the water sector, particularly those coming from nation state actors.
Recently, there have been several utilities related incidents involving Iranian affiliated attacks on computer systems as well as pro-Russian hacktivist intrusions into wastewater systems. Curran made an important point that utilities should work with the FBI to promote more information sharing with the water sector which is key when it comes to including the FBI in cyber incident response planning so that the bureau has all necessary information in the event of an attack.
Curran explained that moving forward, the bureau will classify and investigate these cyberattacks by treating the affecting companies as victims. Under this approach, all investigative data will remain completely confidential. To bolster this, the bureau is sharing more threat intelligence, advisories, and technical guidance with critical infrastructure operators to help them defend against emerging threats moving forward.
Lastly, Curran highlighted the importance of practical cybersecurity measures for utilities including but not limited to:
- Securing remote access
- Reducing industrial systems’ exposure to the internet
- Maintaining offline backup systems
- Implementing physical safeguards
- Preserving manual operation capabilities
A major takeaway from Curran’s presentation was that many cyberattacks exploit basic cybersecurity gaps that could often be avoided by following standard protocols and routine best practices. In closing, Curran highlighted the growing threat facing the industry as it becomes an increasingly attractive target for cybercriminals. She also noted the FBI’s interest in strengthening partnerships with industry groups to help build greater resilience against future threats.
Curran also highlighted several resources available to organizations facing potential cyber threats, including cyber task forces in all 56 FBI field offices, rapid-response cyber action teams (CAT teams), national intelligence coordination through the National Cyber Investigative Joint Task Force, and broader resilience initiatives such as “Operation Winter Shield.”