The report is the first time that the US intelligence community has disclosed even an approximate number of the FBI’s searches of American data using the 1978 Foreign Intelligence Surveillance Act. The law is focused on threats emanating from outside of the United States, but also allows the FBI, the CIA and others to search data for Americans’ information provided there is a validly predicated foreign intelligence purpose.
The report does not suggest that the FBI acted improperly. The report highlights the big trove of intelligence data that the bureau can tap in pursuing hackers, spies and terrorists.
More than half of the FBI’s queries were related to attempts to compromise US critical infrastructure by foreign cyber actors in early 2021, according to the report. That includes about 1.9 million queries related to one particular cyber threat from Russia against US critical infrastructure, according to the FBI.
It is unclear what Russian hacking effort the FBI was referring to. The bureau declined to comment.
While the hacking campaign that exploited SolarWinds and other software vendors appeared aimed at US government agencies, the malicious code used by the attackers was downloaded by thousands of companies, including hundreds of electric utilities.
The Biden administration blamed Russia’s SVR foreign intelligence service for the so-called SolarWinds campaign, which was discovered in December 2020 — an allegation the Kremlin denied. US officials believe that Russian authorities in January detained the individual responsible for the pipeline hack, but it is unclear if the Russians will follow through on prosecuting that person.
The number of FBI queries detailed in the report from the Office of the Director of National Intelligence is not the same as the number of individuals whose data was examined. Officials can search an individual’s email address, name and any other identifier, sometimes multiple times — all of which would be counted as unique queries.
It is also possible that the number of queries of Americans’ data is far lower than the 3.4 million disclosed in the report. According to the report, sometimes the FBI conducts large queries of hundreds or even thousands of terms, and if even one term is associated with a US person, every term in the bulk search is counted as a US person search.