The FBI conducted up to 3.4 million warrantless searches of Americans’ electronic data last year including 1.9 million related to a cyber threat from Russia, according to an annual transparency report released by the Office of the Director of National Intelligence on Friday.
The report is the first time that the US intelligence community has disclosed even an approximate number of the FBI’s searches of American data using the 1978 Foreign Intelligence Surveillance Act. The law is focused on threats emanating from outside of the United States, but also allows the FBI, the CIA and others to search data for Americans’ information provided there is a validly predicated foreign intelligence purpose.
The report does not suggest that the FBI acted improperly. The report highlights the big trove of intelligence data that the bureau can tap in pursuing hackers, spies and terrorists.
More than half of the FBI’s queries were related to attempts to compromise US critical infrastructure by foreign cyber actors in early 2021, according to the report. That includes about 1.9 million queries related to one particular cyber threat from Russia against US critical infrastructure, according to the FBI.
It is unclear what Russian hacking effort the FBI was referring to. The bureau declined to comment.
In the first half of 2021, the Biden administration investigated at least two major cyber incidents originating in Russia: the espionage campaign that exploited SolarWinds software to breach at least nine federal agencies, and the cybercriminal ransomware attack in May 2021 that shut down one of the largest US fuel pipeline operators for days.
While the hacking campaign that exploited SolarWinds and other software vendors appeared aimed at US government agencies, the malicious code used by the attackers was downloaded by thousands of companies, including hundreds of electric utilities.
The Biden administration blamed Russia’s SVR foreign intelligence service for the so-called SolarWinds campaign, which was discovered in December 2020 — an allegation the Kremlin denied. US officials believe that Russian authorities in January detained the individual responsible for the pipeline hack, but it is unclear if the Russians will follow through on prosecuting that person.
The number of FBI queries detailed in the report from the Office of the Director of National Intelligence is not the same as the number of individuals whose data was examined. Officials can search an individual’s email address, name and any other identifier, sometimes multiple times — all of which would be counted as unique queries.
It is also possible that the number of queries of Americans’ data is far lower than the 3.4 million disclosed in the report. According to the report, sometimes the FBI conducts large queries of hundreds or even thousands of terms, and if even one term is associated with a US person, every term in the bulk search is counted as a US person search.