“Americans can and should have confidence in our election system,” Wray said. “And none of the election interference efforts that we’ve seen put at jeopardy the integrity of the vote count itself in any material ways. And so in that sense, people can have confidence.” 

But that doesn’t mean there aren’t threats to the election process, he said, particularly highlighting foreign governments’ desire to meddle. 

“The other part, though, is the chaos, and the ability to generate chaos is very much part of the playbook that some of the foreign adversaries engage in,” Wray said. “And there is the potential. If we’re not all collectively on board, that chaos can ensue to varying levels.”

Wray and Nakasone spoke in a fireside chat moderated by Mary Louise Kelly, host of NPR’s All Things Considered, at the 10th International Conference on Cyber Security, held at Fordham on Jan. 9. Kelly asked how 2024 compares to the 2020 election year.

“Every election as you know is critical infrastructure,” Nakasone said. “We have to be able to deliver a safe and secure outcome. And so when I look at it, I look in terms of both the threat and the technology—but yes, it’s an important year, it’s a presidential election year, and we have adversaries that want to take action.”

Protecting America’s AI Innovation 

Nakasone said that as they look at foreign adversaries and how they are using AI, he noticed that they “are all using U.S. AI models, which tells me that the best AI models are made by U.S companies.” 

“That tells me that we need to protect that competitive advantage of our nation, of our national economy going forward,” he said. 

But that’s not an easy task, Wray added, noting China’s advantage in particular.

“China has a bigger hacking program than that of every other major nation combined and has stolen more of Americans’ personal and corporate data than every nation, big or small, combined,” he said. “If I took the FBI’s cyber personnel and I said, ‘Forget ransomware, forget Russia, forget Iran—we’ll do nothing but China,’ we would be outnumbered 50 to 1, and that’s probably a conservative estimate.” 

Nakasone said that’s why it’s important for the agencies to maintain the United States’ “qualitative advantage.”

“How do we ensure that our workforce is continuing to be incredibly productive?” he said.

Combatting Foreign Adversaries 

In addition to China, Wray and Nakasone highlighted Russia and Iran as threats, even as Russia is occupied with the war in Ukraine. 

“If anything, you could make the argument that their focus on Ukraine has increased their desire to focus on trying to shape what we look like, and how we think about issues because U.S. policy on Ukraine is something that obviously matters deeply to their utterly unprovoked and outrageous invasion of Ukraine,” Wray said.  

In order to combat their efforts to interfere in elections, Nakasone highlighted partnerships between agencies like the NSA and FBI, and the quality of work that U.S. agencies do.

“It will never be having the most people—it’s having the best people and the best partnership being able to develop and deliver outcomes that can address adversaries,” he said.

Calling Out Misinformation and Disruptions

Kelly highlighted a recent poll from The Washington Post that found that one-third of Americans believe that President Joe Biden’s win in 2020 was illegitimate and that a quarter of Americans believe that the FBI instigated the January 6 insurrection. 

“I’m not trying to drag either of you into politics,” she said. “But what kind of charge does that pose for your agencies as you try to navigate this year?”

Wray said it’s important for the NSA and FBI to call out misinformation right away. He highlighted how in October 2020, the FBI called out Iran’s interference efforts ahead of the November elections in an effort to make the messaging less effective.

“We have to call it out when we see it, but we also need in general for the American people, as a whole, to become more thoughtful and discerning consumers of information,” he said. 

The Use of Section 702: ‘A Vital Tool’

In December 2023, Congress gave a four-month extension to Section 702 of the Foreign Intelligence Surveillance Act (FISA), which allows intelligence agencies to conduct surveillance on non-American citizens who are outside of the United States without a warrant. The section has come under scrutiny as privacy advocates and members of both parties said it’s an overreach of government powers.

Nakasone called it “the most important authority we use day in and day out in the National Security Agency to protect Americans.”

He said that the agency uses it to address a number of different threats: “whether or not that’s fentanyl or Chinese precursors [to fentanyl]coming in United States, whether or not it’s hostages that foreigners take overseas, whether or not it’s cybersecurity, in terms of victims that we’re seeing in the United States.” 

Wray said that the section was “a vital tool.”

“This country would be reckless at best and dangerous at worst to blind ourselves and not reauthorize the authority in a way that allows us to protect Americans from these foreign threats,” he said. 

“I think we’re concerned about the same usual suspects in terms of nation states—Russia, Iran, China, each in their own way,” Wray said.

He recalled something another FBI official recently said: “The Russians are trying to get us to tear ourselves apart, the Chinese are trying to manage our decline, and the Iranians are trying to get us to get out of their way.”

“And we’re not going to do any of the above,” Wray said.

The pair described their agencies’ work to address these challenges at a fireside chat at the ninth International Conference on Cyber Security, held at Fordham on July 19.

Nakasone called 2020 “the pivotal year for the nation in cyberspace,” and said it taught him and his agency lessons that they’re applying today.

“We ended 2020 with SolarWinds [a cyberattack], and then we begin 2021 with a number of different instances,” he said, citing the Colonial Pipeline ransomware attack and others. “I know that informed me to think differently about what I should be expecting in the fall of 2022 … I’m thinking about traditional adversaries, I’m thinking about additional tradecraft, I’m thinking about new and unique ways that an adversary might try to disrupt or try to influence our elections.”

Even with Russia’s invasion into Ukraine and efforts there, Wray said they’re still expecting Russia to try and interfere in U.S. elections, and they’re working to prepare for it.

“I’m quite confident the Russians can walk and chew gum,” he said. “We are prepared and postured to counter both.”

He also noted that while some countries, like North Korea, have similar methods to the Russians, they are “differently situated.”

“North Korea, in many ways, is a cyber criminal syndicate posing as a nation state,” he said.

New and Evolving Threats

Wray said the agencies need to be prepared for “hybrid threats,” or those that start online and move into the physical world. He gave the example of how in the lead-up to the U.S. 2020 presidential election, two Iranian nationals led a campaign that aimed to “intimidate and influence American voters.”

The two individuals started by obtaining U.S. voter information from a state election website, before they sent emails where they pretended to be part of “a group of Proud Boys volunteers,” and created a video filled with disinformation, according to an FBI release.

“There was a little bit of hacking, but the disinformation layer that they built on top of that magnified potentially the risk of what would be relatively modest hacking,” he said.

Wray also cited Chinese multi-pronged attempts to interfere with a New York congressional candidate, Yan Xiong, who had previously participated in the Tiananmen Square protests before he became a naturalized U.S. citizen.

“We recently announced charges here in New York involving the [People’s Republic of China]’s efforts to detail a congressional candidate that started with, first, [them trying to]see if they could dig up dirt to prevent the candidate from being elected, and then if that didn’t work maybe manufacture dirt about the candidate, and when that didn’t work, [thinking]maybe we can have this candidate suffer ‘an accident,’” Wray said.

Wray said stopping these types of operations requires a mix of public exposure and law enforcement efforts.

“Most of these operations—if you think of them as influence operations—exposing them is a significant antidote to them,” Wray said. “But we also need some other kinds of disruption operations—arrests….sanctions.”

Dealing with Challenges at Home and Abroad

Wray said that the FBI focused on three main things related to election security: dealing with “foreign, malicious actors” pushing out fake information; investigating malicious cyber actors, both foreign and domestic, who target election infrastructure; and prosecuting federal election crimes ranging from campaign finance violations to voter fraud to violence.

“I think the first thing people need to be clear is we’re not the truth police,” he said. Their role is “targeting foreign and domestic malicious actors,” he said, and investigating federal election crimes and threats of violence.

He noted that violence, in any form, would be something the FBI would take action against, particularly the “alarming rise” of threats of violence against election workers.

“The idea that they would become targets of threats of violence is totally unacceptable,” he said.

Wray said that the attacks on the Capitol on January 6, 2021, were “a manifestation of another phenomenon, which is deeply troubling.”

“There are way too many people, in this country and to some extent, other countries, who are choosing to manifest their ideological, political, or social views through violence … in the case of January 6, [it was]that plus an effort to interfere with one of our most sacred constitutional processes,” he said. “There is a right way and a wrong way to express your views under our First Amendment, and violence and destruction of property, violence against law enforcement, that’s not okay. That is not First Amendment activity.”

Partnering with Each Other and the Public

He encouraged members of the public to play their role in helping protect the sacredness of elections.

“The best defense against malicious, foreign interference, all the way to something like a January 6th, is an enlightened, thoughtful public,” he said.

Working with the private sector, academic institutions, and members of the general public, in addition to collaborating with each other, are essential for both agencies, the directors said.

“What I learned in 2020 was the power of being able to engage with academic institutions and the private sector, with people that actually have this expertise that are looking at either ransomware or influence operations,” Nakasone said. “We bring the foreign insights of what the adversary is doing, the tradecraft, the techniques that they’re utilizing outside the United States.”

Wray said that today, all of the FBI field offices have “private sector coordinators” who lead their partnerships with local organizations and institutions.

Nakasone said that these kinds of relationships are not just beneficial for agencies like the FBI and NSA, they’re beneficial to members of those organizations too.

“It’s our insights on foreign intelligence—that’s something that the private sector just relishes,” he said. “The second thing is talent. When you’re on the other end of the line, you’re talking to an analyst from the U.S. Cyber Command and the National Security Agency. You’re talking to someone that is incredibly talented in terms of what they’re seeing, what they understand, the perspective of what they bring.”

According to FBI Director Christopher Wray, they can best be defeated through cooperation between law enforcement agencies, academia, and the private sector. In a speech on Jan. 28, Wray shared with an audience of roughly 1,900 attendees an example less than 36 hours old: the disruption of the Emotet criminal botnet, which was carried out with the European Union Agency for Law Enforcement Cooperation.

“Emotet has for years enabled criminals to push additional malware onto victim networks in critical sectors, like health care, e-commerce, technology, and government. Emotet is one of the longest-running and most pervasive denial-of-delivery services out there,” he said.

The operation was successful, he said, because cybersecurity experts on both continents had applied lessons learned from previous disruptions of botnets, which are networks of internet-connected devices that can be used to perform Distributed Denial-of-Service (DDoS) attacks, steal data, send spam, and allow the attacker to access the device and its connection.

“It’s the kind of disruption that demands cooperation,” he said.

Wray made the announcement during a talk titled “The FBI’s Strategy for Tackling Cyber Threats in 2021 and Beyond,” part of a virtual speaker series sponsored by the International Conference on Cyber Security (ICCS), which is jointly presented by the FBI and Fordham. In-person ICCS events, such as those scheduled for July, have been postponed until public health authorities advise that they’re safe.

In addition to Emotet, Wray cited examples such as the bureau’s success in the September prosecution of the Chinese hacking group Apt41, which was targeting private companies, as well as a partnership with the NSA that lead to last year’s discovery of a sophisticated type of malware developed by the Russian military.

Wray answered audience questions that were presented by Joseph M. McShane, S.J., president of Fordham, who served as moderator. Questions ranged from how the bureau retains talent that might otherwise work in the private sector (their attrition rate is very low) to the ways they go about identifying cybercrimes in general. Asked how private industry can help the justice department defeat domestic threats, Wray advocated a preemptive approach.

“There’s a saying that the best time to patch the roof is when the sun is shining. It’s the same concept here. We want people to start to build those relationships with their local FBI field office before they have a major intrusion,” he said.

On the challenge of misinformation campaigns and social media, Wray made it clear that the bureau is concerned with the threat, not the content.

“We’re not the truth police of the internet. What we focus on is the actor,” he said.

He noted that when the bureau learned that Internet Research Agency, the Russian troll farm that was active during the 2016 presidential election, was actively planning to spread disinformation and distrust in 2020, the FBI tipped off Facebook and Twitter in September to its presence on their networks.

“It’s a situation where we, rather than bringing an enforcement action, we’re feeding tips to the social media companies, which were able to take very quick actions themselves using their own terms of service,” he said.

“Because activity that might not readily lend itself to a criminal case or national security action often very readily violates their terms of service.”

It was another example of the private sector and law enforcement working together to defeat a shared enemy, he said.

“The way we do business today, and so many of the changes we’ve made to our strategy are a product of our work with [the private industry]. We’ve been working with your concerns and suggestions and we’ve taken them to heart. We’ve shifted the way we think and the way we operate so we can have a more significant effect on our adversaries.”

Wray’s talk was followed by a discussion with Ed Stroz, GABELLI ’79, the founder of a firm formerly called Stroz Friedberg and now known as Aon Cyber Solutions, and Matt Gorham, assistant director of the FBI’s Cyber Division. Stroz, a former FBI agent himself, focused on the nuts and bolts of how a private company actually works with the bureau.

Gorham echoed Wray’s suggestion to make a connection before an intrusion, as that will establish a baseline level of trust. This will be important because in the near future, he predicted there will be an increase in ransomware and malware-for-hire services. And, he said, people should feel confident that when they call the FBI for help, the bureau knows that they were the victim.

“And we know how to work with a victim,” he said.

“A lot of times this comes down to a level of comfort that we’re not out there to look at your content; what we’re really looking for are those artifacts of intrusion,” he added, noting that people develop trust in the bureau after working with them once.

“It’s been my experience that there may be a hesitancy to call the FBI the first time; it’s a very quick call the second time.”

But the agency cannot go it alone.

“Just as technology has become a wonderful force multiplier for the good guys, it has become a force multiplier for all sorts of bad guys—for terrorists, hackers, child predators, and a lot more. User-controlled default encryption is a real challenge for law enforcement,” he said, echoing comments that U.S. Attorney General William P. Barr made at Fordham on Tuesday.

Wray’s appearance at Fordham’s School of Law closed out the 8th International Conference on Cyber Security (ICCS). He last visited Fordham in January, 2018, when he delivered the opening remarks for the 7th ICCS conference.

To illustrate the FBI’s ongoing efforts, Wray highlighted the Bureau’s involvement in the December take down of APT10, a hacking group associated with China’s Ministry of State Security. The group had compromised the networks of U.S. government agencies and 45 companies around the world.

Working with field offices around the country and agencies such as the Defense Criminal Investigative Service, and the Department of Homeland Security, the U.S. Department of Justice obtained criminal indictments against two members of the group.

“The indictments marked an important step in publicly exposing China’s continued practice of stealing intellectual property to give Chinese firms an unfair advantage in the marketplace,” he said, noting that it also let to the first formal declaration that China had violated the 2015 Cyber Commitments agreed to by the United States and China.

“By revealing the names and activities of hackers in cases like these, we limit their travel and job prospects, and we increase significantly their cost to operate. An indictment signals to our allies that we’re so confident in our assessment of culpability that we’re willing to put the full weight of the U.S. criminal justice system behind it.”

Wray addressed foreign influence in his remarks, noting that the bureau fully expects to see in 2020 efforts to target election infrastructure to exact ransoms, temporarily disrupt election operations, and undermine voter confidence in the electoral process.

“Happily, we’ve yet to see attacks manipulating or deleting election and voter-related data, or attacks that actually take election management systems offline. But we know our adversaries are relentless. So are we,” he said.

Equally important, he noted, was foreign investment. If adversaries can’t access our most valuable and sensitive information, he said, they may try to buy their way to it. Working with the Committee on Foreign Investment in the United States, the Bureau has access to data about sensitive industries unavailable to private citizens. Don’t overestimate the effectiveness of protections and countermeasures available to your company, he said.

“A decision to enter into a particular joint venture or contract with a particular vendor or cloud computing company may look good today – it may make a lot of money this quarter. But that decision might not look so great five years down the road, if you’re then in the throes of a slow bleed of data. Or, worse, if you’re then suffering a major hemorrhage of intellectual property,” he said.

“So you’ve got to take steps, and make hard choices, to safeguard your R&D, PII, and proprietary data even after a deal is done.”

The issue of lawful access to encrypted data was where he was most hopeful that the private sector and law enforcement could learn to cooperate. In a New England town last month, he said the FBI received a tip that a nine-year-old girl was being sexually abused, and that the abuser was using an app—which Wray declined to identify—to distribute images of her anonymously. Agents contacted the app provider, located the child in less than 24 hours, obtained multiple search warrants, rescued her and arrested the suspect.

“Law enforcement receives millions of tips like these every year. I don’t want to think about a world in which we lose the ability to detect dangerous criminal activity because a technology provider decides to encrypt this traffic – data “in motion” – in such a way that the content is cloaked and no longer available subject to our longstanding legal process,” he said.

The FBI has been “hearing increasingly” from cryptologists that there are solutions that could work to protect encryption and fulfill law enforcement’s need for accessing encrypted communications, he said, which gives him hope that a mutually acceptable solution may emerge soon.

“This is not just a national security issue, it’s a fundamental public safety issue. If it is not addressed, it impedes not only federal law enforcement, but our state and local partners as well,” Wray said.

FBI Director Christopher A. Wray gave the keynote at the Jan. 9 opening session of the Fordham-FBI 2018 International Conference on Cyber Security. He spoke of “the Going Dark problem” of protected electronic devices, and the lapse of part of the Foreign Intelligence Surveillance Act (FISA), should Congress fail to renew it this month.

Due to an industry practice of encrypting cell phones, computers, and other electronic consumer products, Wray said that last year the FBI was unable to access the content of nearly 7,800 devices, even though “there is lawful authority to do so.”

“Each one of those devices is tied to a specific subject, a specific defendant, a specific victim, a specific threat.,” said Wray, who was appointed last year following President Trump’s firing of then-director James Comey. “We are not looking for a ‘back door’ . . .[but]the ability to access the device once we’ve obtained a warrant from an independent judge, who has said we have probable cause.”

“it’s an urgent public safety issue.”

He also called for the immediate extension of Section 702 of the FISA, which allows the government warrantless monitoring of internet and phone communications to gather foreign intelligence information.

Wray, a former federal prosecutor who was in private practice when tapped for the director’s position, gave his talk from the “fresh perspective” of someone returning to law enforcement after approximately a decade.

“Back then, ‘tweeting’ was something only birds did. Now…well, let’s just say it’s something that’s a little more on my radar,” Wray said.

Wray defended the agency’s impartiality, saying that it is the honest process, not the result, that his FBI agents are passionate about.

“If the bureau starts chasing results, that’s fool’s gold. There is always going to be somebody unhappy about something that we do,” he said. “[We] let the facts go where they go.”

Higher Stakes, More Complexities

Since he last worked in law enforcement, Wray said “the [cyber]threats are growing more complex, and the stakes are higher than ever.” In fact, he noted that the term “cybercrime” is nearing redundancy, as nearly all crimes today—from terrorism to human trafficking to gangs to organized crime—involve some technological or digital component.

The FBI has been successful in infiltrating and destroying some major global operations: Wray mentioned the takedown last summer of AlphaBay, an online black market for drugs, malware, stolen identities, and more. Yet upcoming challenges incorporating more AI and cryptocurrencies will require new approaches and collaborations.

To those ends, he said, one of the main challenges facing the FBI today is finding persons who are high-end cyber-proficient, and to raise the game to stay ahead of threats. “The sad realization is that there are too few people in this country—in any country—who have that expertise. It’s a great place to be, if you are a college kid right now.”

Joseph M. McShane, S.J., president of Fordham, introduced Wray and fielded questions to him following his talk. Citing the foreign meddling in the 2016 U.S. presidential election, Father McShane emphasized cybersecurity’s vital contribution to world institutions.

“The work the FBI does has never been more important, not merely to the security of democratically-elected governments, but to world markets and to the infrastructure of civilization itself.”

(Read Director Wray’s full remarks.)

READ MORE ICCS DAY 1 COVERAGE:

To Take Out Dark Net Marketplace, Luck, Skill, Cooperation Required

Operation Harbor: an Insider’s Look at the Hunt for a German Router Hacker

There’s No Hiding