- FBI Director Christopher Wray said Monday that the U.S. relies heavily on "collaborative, public-private" operations to identify and stop threats.
- Wray and the FBI have moved to disrupt ransomware infrastructure and groups alongside both international and domestic law enforcement.
- Wray said "criminals and hostile governments" are exploiting artificial intelligence.
WASHINGTON, D.C. – FBI Director Christopher Wray said Monday that the federal government is relying more than ever on private sector support to ensure that U.S. infrastructure remains secure.
Speaking at Mandiant's mWise Conference in Washington, Wray told a packed room of analysts and cybersecurity professionals that it's become "increasingly difficult to discern where cybercriminal activity ends and adversarial nation-state activity begins." Mandiant is owned by Google.
Wray and the FBI have moved to interfere with ransomware infrastructure and groups alongside both international and domestic law enforcement, including notable disruptions of the Qakbot botnet and the Hive ransomware group. Wray said that artificial intelligence may help China's cyber intelligence operations in their efforts to overpower U.S. defenses, and reiterated that Chinese hackers outnumber the FBI's cyber and intelligence agents by at least 50 to 1.
"Criminals and hostile governments are already exploiting the technology," Wray said. China is poised to "use the fruits of their widespread hacking to power, with AI, even-more-powerful hacking efforts," he added.
In China, state-affiliated groups have been linked to influence campaigns on major social networks. But there are also attacks coming from elsewhere. North Korean hacking groups, for example, often seek to generate revenue for the government while gathering espionage for the state. And Russian hackers have extorted millions of dollars in ransom from businesses worldwide and targeted infrastructure in Ukraine and Eastern Europe.
Wray said "it's becoming increasingly difficult to discern where cybercriminal activity ends and adversarial nation-state activity begins," like when the government sees "hackers who are profit-minded criminals by day and state-sponsored by night."
While government efforts, including from the Cybersecurity Infrastructure Agency, have been effective, the U.S. relies heavily on "collaborative, public-private" operations to identify threats and stop them, he said.
Wray said such partnerships aren't new. He cited joint efforts in 2021, after a cyberattack on Colonial Pipeline disrupted fuel supply across the East Coast.
"We know the private sector hasn't always been excited about working with federal law enforcement," Wray said. "But when you contact us about an intrusion, we won't be showing up in raid jackets."
Wray praised Colonial's rapid response and its quick engagement of Mandiant, which helped ease information sharing with the government and allowed the FBI to "quickly make substantial breakthroughs" in identifying the cybercriminals behind the attack.
WATCH: China's Corporate Spy War