By Stephen Deitz, ManTech Executive Vice President & General Manager, Federal Civilian Sector
In the first quarter of 2022, hackers launched 51 million “Remote Desktop Protocol” (RDP) cyberattacks in the United States. On average a new cyberattack strikes every 39 seconds. Yet despite this rising threat, the U.S. ranks as a world leader for its commitment to global cybersecurity, according to the International Telecommunication Union’s Global Cybersecurity Index.
Much credit goes to the success of proactive government cyber programs, notably by the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI), which work closely together on the rising cyber threat. CISA’s mission is to improve cybersecurity across the federal civilian government, coordinate cybersecurity programs in the states, and improve protections against private and nation-state hackers. As the lead government agency for investigating cyberattacks, the FBI pursues and prosecutes the offenders.
All told, the FBI operates 56 field offices nationwide, each with dedicated cyber squads. Huntsville, too, is expected to be a major FBI hub for agents and analysts dedicated to investigating and stopping cybercrime. That’s a big job for a very special breed of technology talent in the hunt for cyber threats and the individuals behind them.
Think the FBI’s “Most Wanted” list is confined to conventional bad guys? Think again. The FBI also pursues cyber criminals on its “Cyber’s Most Wanted” list – showing the names, backgrounds and locations of some 150 foreign criminal and nation-state hackers.
Hackers have many tools, yet contrary to popular thinking, most hacks are comparatively simple and commonplace. The most common hacking methodology is to leverage the victim’s failure to learn what to watch out for and follow appropriate “cyber hygiene” measures that defend against cyberattacks.
Those who fail to do so are wide open to attacks such as the following:
- Computer and Network Intrusions: attacks on sectors defined as “critical infrastructure” by CISA. Commonly targeted sectors include: Chemicals, Communications, Dams, Emergency Services, Financial Services, Government Facilities, Information Technology, Transportation Systems, Commercial Facilities, Critical Manufacturing, Defense Industrial Base, Energy, Food and Agriculture, Healthcare, Nuclear Reactors and Materials, Water and Wastewater.
- Ransomware: infiltrating systems, encrypting them so that legitimate users no longer have access, then demanding a ransom for “freeing” the system. Ransomware infiltration can occur in many ways: “malspam” – emails or attachments with links that take the victim to malicious websites that upload malware; “malvertising” – bogus ads that do the same; “spear phishing” – sending emails ostensibly from senior management or HR, asking the recipient to take a (malware-loaded) survey; and “social engineering” – emails or attachments that claim to be from a trusted associate.
- Identity Theft: hacking into a database, computer or record system via phishing, spyware or other digital means to obtain personal information and then assume the identity of one or more individuals to commit fraud, access bank accounts and credit cards or forge legal documents.
Among the most sinister forms of cyberattacks are rootkit infections that neither ransom, steal nor crash their targets, but are planted within systems like ticking time bombs that wait until ordered to click “on” and – disguised as an integral part of the victim’s native IT – take control without being noticed, for months or even years. It is not necessary for such hacks to crash systems to produce the hackers’ desired effect.
The FBI’s Strategic Response: Taking Hackers Down
The FBI’s response to hackers: Make them pay for their bad acts. The end game, as FBI Director Christopher Wray puts it, is to “change the cost-benefit calculus of criminals and nation states who believe they can compromise networks, steal U.S. financial and intellectual property, and hold our critical infrastructure at risk – all without incurring any risk themselves.”
By imposing risks and consequences on cyber adversaries, the FBI puts a leash on those who seek to compromise U.S. networks, steal financial and intellectual property and harm critical infrastructure. And before long, Huntsville is expected to be a central player in this initiative.
ManTech: Over 50 Years of Innovation
Since our founding in 1968, ManTech has provided advanced technological services to the U.S. Government. We have kept a careful eye on where emerging technologies are taking the government, and we have developed the resources to master those technologies – by staying close to our customers and anticipating their needs with proven capabilities.
Since 2006, ManTech has been supporting customers in Huntsville. We recently opened an office at the Redstone Gateway. In addition, ManTech is actively involved with several community-based cyber organizations.