FBI Cyber Division

Within critical infrastructure, operational technology (OT) controls many of the essential services we rely on, from the water we drink to the transport we use. Click to read the new guide to OT cybersecurity from the #FBI, the Australian Cyber Security Centre, and many other domestic and international partners. After consulting with industry, we developed a set of high-level cybersecurity principles for OT. The principles aim to help leaders, developers, and other key stakeholders make informed decisions when designing, implementing, and managing cybersecurity risks in OT environments. Read the full guide here: https://lnkd.in/emqnDRjD And find our quick reference guide to principles of OT cybersecurity here: https://lnkd.in/eid8uehm

Today marks the beginning of #CybersecurityAwarenessMonth, a joint government effort every October to bring attention to the importance of cybersecurity! Follow #FBI Cyber this month to hear from cyber agents and get tips on how to #SecureOurWorld and protect yourself from cyber criminals: https://lnkd.in/etSyKrE

Ever wanted to visit the #FBI Academy in Quantico, VA? This month, #cybersecurity executives from critical infrastructure organizations gathered at the FBI Academy for a triannual, week-long event that brings together private-sector cyber experts with the FBI and its government partners. We call it CISO Academy. Cybersecurity executives work with their public-sector peers to develop strategies for improving information sharing, mitigating risks from global adversaries, and imposing costs on malicious cyber actors. Want to attend? Contact the private sector coordinator at your local field office and develop a relationship. A great way to start is by inviting the FBI to participate in your next tabletop exercise. Find your local field office here: https://lnkd.in/dVusRWPA

Iranian cyber actors have targeted email accounts associated with the 2024 US presidential election, according to an #FBI investigation. For more on this threat activity as well as mitigation guidance, click to read our new #CybersecurityAdvisory, published in collaboration with US Cyber Command - Cyber National Mission Force, the U.S. Department of the Treasury, and the UK’s National Cyber Security Centre: https://lnkd.in/eJT9HGj2

Today, the Department of Justice unsealed an indictment charging three Iranian nationals and Islamic Revolutionary Guard Corps (IRGC) employees with a conspiracy to engage in a “hack-and-leak” operation designed to influence the 2024 U.S. presidential election. The hacking conspiracy targeted current and former U.S. officials, members of the media, nongovernmental organizations, and individuals associated with U.S. political campaigns. Read more about the indictment here: https://lnkd.in/gQbHdzTV

#ICYMI, read #FBI Director Christopher Wray’s remarks at the 2024 Aspen Cyber Summit, where he announced Operation Da Maque, a court-authorized effort to disrupt a botnet used by Chinese state-sponsored hackers. Known as Integrity Technology Group, or Flax Typhoon, these hackers attempted, ultimately without success, to fight back against our operational efforts. They tried to migrate their bots to new servers and even conducted a distributed-denial-of-service (DDoS) attack against us. Working with our partners, we were able to not only mitigate their attack, but also identify their new infrastructure in a matter of hours. At that point, as we began pivoting to their new servers, Flax Typhoon burned down their new infrastructure and abandoned their botnet. Click here to read further details about Operation Da Maque and our ongoing efforts to take China’s botnets offline: https://lnkd.in/eYjDVRZa

At the #FBI, we know that combating cybercrime is the ultimate team sport. That’s why, last week, FBI Deputy Assistant Director Brett Leatherman met with Stan Duijf, head of cyber operations at the Eenheid Landelijke Opsporing en Interventies, a.k.a. the Netherlands National Police, to discuss investigations, cyber strategy, and continuing collaboration on disrupting cyber threats. The FBI cannot succeed without strong partnerships, and we are proud of our strong partnership with the Netherlands National Police. #CyberIsATeamSport

Speaking at this year’s Aspen Cyber Summit, Director Wray discussed how information sharing between the #FBI and our public and private sector partners can help combat ongoing cyberattacks and lessen the impact of future cyber incidents. To learn more about partnering with the FBI, visit https://lnkd.in/esx4PZVg.

Integrity Technology Group, a company with links to the Chinese government, has controlled and managed a botnet that, as of June 2024, consisted of over 260,000 compromised devices and was positioned for malicious activity against U.S. networks. The #FBI, the Cyber National Mission Force (CNMF), the National Security Agency (NSA), and our international partners have released a joint #CybersecurityAdvisory to highlight the threat posed by these actors and their botnet activity and to encourage device vendors, owners, and operators to update and secure their devices. Read more here: https://lnkd.in/ejzUzQfS

Today, we announced an #FBI led operation to disrupt a botnet used by Integrity Technology Group—aka Flax Typhoon—a group of China-based hackers that infected more than 200,000 consumer devices in the United States and worldwide. This court-authorized law enforcement action took control of the hackers’ computer infrastructure and sent commands through that infrastructure to infected devices to disable the malware. The FBI is working with internet service providers who will provide victim notification to U.S. owners of infected devices; however, if you suspect you have a compromised device, submit a report to IC3.gov. For more information about this operation, please click here: https://lnkd.in/eHJCGkWd. To learn more about Integrity Technology Group’s tactics, techniques, and procedures (TTPs), please see our joint Cybersecurity Advisory with technical details and recommended mitigations: https://lnkd.in/ejzUzQfS