LITTLE ROCK, Ark – The FBI Little Rock office, along with FBI field offices nationwide, is ramping up its program to help business owners protect against and prepare for cyberattacks.
“We’re really pushing this for the next 60 days or so,” FBI Little Rock public information officer Connor Hagan said.
The program is the bureau’s cyber task force partnering with businesses. The partnership begins with a conversation with the businessperson and adds cyber task force response, up to and including Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA) available to respond to cyber-attacks.
Hagan said the partnership is undertaken at no cost to the business owner and done discreetly, noting that “this is not a bunch of guys in FBI raid jackets showing up.”
Instead, an agent meets with a business owner to review needs and concerns to understand the business’s cyber environment and what the office can do to assist in maintaining cyber security. This includes support going forward, such as a business receiving flash alerts when a sudden threat becomes known in order to forestall debilitating attacks on a network.
Depending on need and circumstance, this can also include FBI-led training for business staff in what to watch for and how to avoid cyberattacks or related crimes.
In an emergency, the bureau’s Little Rock office stated it can put cyber-trained FBI Special Agent on any doorstep in the state within three hours.
Included as part of the threat response is access to dedicated teams out of Washington D.C. which provide specialized support to victims of cyber intrusions, including its Cyber Action Team (CAT), a technical investigative team that rapidly deploys nationally and internationally to assist with complex intrusions and cyber incidents.
The FBI Recovery Asset Team (RAT) is also available. It acts quickly to help victims recover funds which otherwise would be lost to cyber criminals. In 2021, RAT used the Financial Fraud Kill Chain (FFKC) over 1,700 times and was able to successfully freeze more than $328 million. That money was then rightfully returned to business victims of cyber fraud.
The FBI’s Internet Crime Complaint Center (IC3) issued an annual report demonstrating Business Email Compromise (BEC) schemes alone cost U.S. businesses more than $2 billion in 2021.
High profile cyberattacks in recent news included attacks on governments, such as water system treatment plants, and business, such as attacks shutting down a meat production plant.
Little Rock has not yet suffered an attack of this scale, Hagan said, but the potential continues to increase.
“These threats aren’t stopping,” Hagan said.
Arkansas was ranked thirty-third in states for victims of cybercrimes in the FBI’s 2021 report (.pdf). The net loss for Arkansas in the same report was just over $15.3 million in such scams as fake sweepstakes winning, investment enticements or fake tax liens.
Investigators are seeing an increase in what Hagan called “blended” threats where governments, he cited China and Russia, partner with criminal groups making cyberattacks. The government can offer better and more sophisticated software and even intelligence as to what organization and who in it is vulnerable, he said.
With these tools and information, criminals can engage in attacks such as email compromise, where someone is tricked into responding to, or even simply clicking on the link in an email, triggering a cascade of effects where the network is effectively held hostage by the criminals until a ransom is paid, along with proprietary information stored on the network is taken.
Some Arkansas businesses are already participating in the program with the FBI, Hagan said, but could not disclose which businesses due to privacy concerns.