U.S. under persistent cyber attacks from Russia and ransomware groups, according to the FBI director's statement.

FBI Zealously Dedicated to Thwarting Potential Damaging Assault; Director Christopher Wray Affirms

, and Administrator

2025 September 12 . 1:27 AM

2 min read

United States under heightened cyberattack threats from Russia and associated ransomware groups,... — United States under heightened cyberattack threats from Russia and associated ransomware groups, claims FBI Director.

U.S. under persistent cyber attacks from Russia and ransomware groups, according to the FBI director's statement.

In the ongoing conflict in Ukraine, Russia has been reported to launch disruptive cyber attacks, utilising tools such as wiper malware. These attacks are a cause for concern not only for Ukraine but for the international community as well.

The FBI, a key player in the global cybersecurity landscape, has demonstrated its capabilities in disrupting such operations and even tracing ransom payments, provided that information is gathered early. This was evident in a recent incident where a hospital's network was proactively thwarted, thanks to the close collaboration between the FBI and hospital staff.

The FBI, in conjunction with the Cybersecurity and Infrastructure Security Agency, the National Security Agency, and foreign allies, has repeatedly warned industries about potential malicious cyber activity against critical infrastructure sites, including energy, utilities, and water. This proactive approach is crucial in mitigating potential threats.

Security researchers have disclosed the development of destructive custom-made malware, dubbed Pipedream or Incontroller, which could sabotage major industrial sites. However, it has not been officially attributed to any particular state actor.

The FBI was part of an April operation to disrupt Cyclops Blink, a state-backed botnet used by the Sandworm threat actor to infect thousands of devices worldwide. The identity of the person who led this operation remains undisclosed. Cyclops Blink had infected WatchGuard firewall appliances and Asus routers.

Russia's cyber activities are under close scrutiny, particularly as the war in Ukraine continues. The FBI has warned potential targets about potentially destructive attacks from Russia, citing the 2017 NotPetya attacks as a stark reminder. NotPetya spread across Europe, hit the U.S., Australia, and even some organisations inside Russia.

Moreover, Russia-based ransomware gangs have been reported to engage in cyber activity in support of the Russian government.

Meanwhile, China emerges as the largest nation-state threat to the U.S., with efforts to dominate global technology partly coming from stealing research and proprietary secrets from U.S. companies.

The FBI's efforts can aid attack deterrence. This was evident in the plot against Boston Children's Hospital in 2021, where early information from an intelligence partner allowed the hospital to proactively thwart the threat.

FBI Director Christopher Wray emphasised the need for U.S. companies to share potential cyber threats or extortion demands during a recent speech. This call to action comes at an urgent time for the FBI and other federal agencies to prevent a potentially catastrophic act of retaliation by Russia-linked threat actors since the invasion of Ukraine in February.

In conclusion, the role of the FBI in cybersecurity is paramount, particularly in the current geopolitical climate. Their efforts in disrupting cyber attacks, sharing intelligence, and collaborating with international partners are essential in maintaining cybersecurity resilience.