Over the past few years, cyberattacks in the United States have increased exponentially.
Governmental entities, businesses, and citizens are confronted with an alarming number of
sophisticated threats every day. As the number and complexity of threats to our businesses and
infrastructure continues to evolve, the Little Rock Field Office of the FBI is redoubling its efforts
to share critical information, provide insights into emerging cyber threats, and protect our
communities from malicious actors.
Cyber risk is business risk, and there is no shortage of recent examples of the wide-ranging
economic effects wrought by cyberattacks. While media attention has been significantly focused
upon ransomware over the past year, the FBI’s Internet Crime Complaint Center (IC3) issued an
annual report demonstrating Business Email Compromise (BEC) schemes cost U.S. businesses
more than $2 billion last year alone. These substantial losses are absorbed by companies who
chalk it up as the cost of doing business in the modern age – but that should never be the case.
Although cyber threats often originate from locations elsewhere in the world, victims in
Arkansas deserve a rapid, local response. To meet this objective, the FBI has placed strong
emphasis on developing its cyber workforce. The FBI has numerous cyber-trained agents throughout
Arkansas, and each has significant threat response, counterintelligence, domestic intelligence,
and computer intrusion expertise. They can put a cyber-trained FBI Special Agent on any doorstep
in this state within three hours. No other organization in the world has that reach, that unique
tools, or experience in assisting victims. The FBI cyber investigators want to assist you and your company.
In addition to the resources placed around Arkansas, the FBI has dedicated teams out of
Washington D.C. which provide specialized support to victims of cyber intrusions. The Cyber
Action Team (CAT) is a technical investigative team that rapidly deploys nationally and
internationally to assist with complex intrusions and cyber incidents. The Recovery Asset Team
(RAT) acts quickly to help victims recover funds which otherwise would be lost to cyber
criminals. In 2021, RAT used the Financial Fraud Kill Chain (FFKC) over 1,700 times and was
able to successfully freeze more than $328 million. That money was then rightfully returned to
business victims of cyber fraud.
The FBI’s current cyber strategy focuses on imposing real risk to adversaries through consequences. An example of how important partnerships are to the FBI mission occurred just last year. State actors of the Peoples Republic of China (PRC) exploited a vulnerability in Microsoft Exchange Server software to compromise thousands of U.S. computers and install web shell back doors which allowed
them to come and go into victim networks as they pleased. The PRC tried to prop open these
doors, and the FBI slammed them shut. Thanks to information shared with the FBI by a private partner, the
FBI executed an innovative court-authorized operation to identify and remove those backdoors
from hundreds of vulnerable computers across America. Most important to the private sector, the FBI
only did this after publicly releasing information on the compromises and working with
Microsoft to directly contact server owners and allow them time to fix the problem on their own.
Consistent with the FBI’s respect for the privacy of businesses, we removed the web shells surgically
without exposing the contents of victim computers to the FBI.
Many conclusions may be gathered from this example of partnership between the FBI and
private industry, and from the perspective of the FBI the key takeaways are these: if Arkansas
businesses and organizations don’t report cyber incidents, the FBI can’t provide the resources to help.
The FBI can’t help you recover company assets and data without knowing you’ve lost it. The FBI also
can’t warn other businesses who might fall victim to the same attack in the future. Perhaps most
importantly, the quicker the FBI receives a report of a cyber incident, the faster the FBI can take action.
What can you do today to protect your business or organization from a cyberattack? Take the
proactive step of becoming a partner with FBI Little Rock before you experience a cyber
intrusion. The FBI can provide world-class capabilities, international reach, and critical information
about ongoing vulnerabilities and cyber intrusions. If your company does become the victim of
an attack, the FBI will work closely with you to thoroughly investigate the matter while assisting with
incident response. The FBI will do the utmost to introduce accountability to cyber adversaries and
criminals.
If you are an Arkansas business leader or cyber professional, give FBI Little Rock a call at (501)
221-9100 to discuss what resources we can provide.
WebReadyTM Powered by WireReady® NSI