According to an annual transparency report released on Friday by the Office of the Director of National Intelligence, the FBI performed up to 3.4 million warrantless searches of Americans’ electronic data last year, including 1.9 million connected to a cyber threat from Russia.
The study is the first time the US intelligence community has revealed even a rough estimate of the number of FBI searches of American data conducted under the 1978 Foreign Intelligence Surveillance Act. The statute focuses on dangers from outside the US, but it also authorizes the FBI, CIA, and others to search data for information about Americans if there is a legally predicated foreign intelligence objective.
The FBI was not found to have behaved inappropriately, according to the study. The report emphasizes the vast amount of intelligence data that the FBI may use to track hackers, spies, and terrorists.
According to the report, moreover half of the FBI’s inquiries in early 2021 were tied to foreign cyber actors attempting to compromise US vital infrastructure. According to the FBI, nearly 1.9 million queries were tied to one specific cyber threat from Russia targeting US vital infrastructure.
The FBI did not specify which Russian hacking operation they were referring to. The bureau did not respond to a request for comment. The study is the first time the US intelligence community has revealed even a rough estimate of the FBI’s searches of American data under the Foreign Intelligence Surveillance Act of 1978.
The law focuses on dangers from outside the United States, but it also allows the FBI, CIA, and others to search data for Americans’ information if there is a legitimately predicated foreign intelligence function.
The FBI did not act unlawfully, according to the study. The paper emphasizes the FBI’s vast intelligence database, which it can use to track down hackers, spies, and terrorists.
According to the study, more than half of the FBI’s inquiries were tied to attempts by international cyber actors to infiltrate US critical infrastructure in early 2021. According to the FBI, there are around 1.9 million queries pertaining to one explicit cyber risk posed by Russia to critical US infrastructure.
The FBI did not specify which Russian hacking operation they were referring to. The bureau did not respond to a request for comment.
The Biden administration investigated at least two major cyber incidents originating in Russia in the first half of 2021: an espionage marketing campaign that used SolarWinds software to breach at least 9 federal companies, and a cybercriminal ransomware attack in May 2021 that paralyzed one of the most important US gasoline pipeline operators for days.
While the hacking campaign that targeted SolarWinds and other software distributors looked to be aimed at US government agencies, the malicious code used by the attackers was downloaded by thousands of businesses, including several electrical utilities.
Well well, the FBI have been busy little beavers…
: Intel report states FBI conducted nearly 2 million searches of US data related to cyberattacks in 2021.https://t.co/zrwv2m3DQ8
— Peter Treants (@sneakypete52) April 30, 2022
The Biden administration blamed Russia’s SVR international intelligence organization for the so-called SolarWinds marketing effort, which was discovered in December 2020 – a charge refuted by the Kremlin. The person responsible for the pipeline hack was apprehended by Russian authorities in January, according to US officers, but it’s unclear whether the Russians would follow through on prosecuting that person.
At least two major cyber incidents originating in Russia were investigated by the Biden administration in the first half of 2021: an espionage campaign that used SolarWinds software to breach at least nine federal agencies, and a cybercriminal ransomware attack in May 2021 that shut down one of the largest US fuel pipeline operators for days.
While the attackers’ malicious code was downloaded by thousands of firms, including hundreds of power utilities, the hacking campaign that targeted SolarWinds and other software manufacturers looked to be aimed at US government institutions.
The so-called SolarWinds effort, which was founded in December 2020, was blamed by the Biden administration on Russia’s SVR foreign intelligence organization, which the Kremlin disputed. Officials in the United States think that the person responsible for the pipeline hack was apprehended by Russian authorities in January, but it is unclear whether the Russians will prosecute that person.
The number of FBI queries stated in the Office of the Director of National Intelligence report does not correspond to the number of people whose data was analyzed. Officials can search an individual’s email address, name, or any other identifier several times, and each of these searches will be logged as a separate query.
It’s also possible that the number of American data inquiries is much smaller than the 3.4 million reported in the study. According to the article, the FBI occasionally conducts huge queries involving hundreds or even thousands of phrases, and if even one term is linked to a US person, the bulk search is treated as a US person search.