FBI

Information systems

2023: FBI has been unable to award $5 billion IT contract for 3 years due to persistent complaints from potential contractors

At the end of November 2023, it became known that the FBI for three years (by the specified date) could not conclude a contract worth $5 billion for the provision of IT services. The reason is that potential performers who submitted applications for participation in the competition and were refused send numerous complaints against the department, which is why the process of choosing a contractor is constantly delayed.

We are talking about the IT Supplies and Support Services 2nd Generation (ITSSS-2, or IT Triple S) initiative. As part of this program, the FBI plans to purchase a wide range of IT services and services. Initially, the project was called IT Enterprise Contract Services (ITECS), and it was planned to decide on the contractors in 2020. At the stage of searching for performers, the department faced a flood of claims from rejected candidates who complained about the criteria and conditions for selecting contractors. As a result, the FBI curtailed the ITECS program and initiated a ITSSS-2 competition with revised requirements at the end of June 2023, but difficulties also arose with its implementation.

FBI for three years cannot conclude a contract worth $5 billion for the provision of IT services

Ernst & Young, General Dynamics IT and Qbase, which were refused, reportedly sent complaints to the FBI. The agency intended to complete the selection of candidates in February 2024, but the presence of pending claims will lead to further delays. In addition, it is possible that even after the completion of the competition against the FBI, complaints will continue to come from potential contractors who have been refused.

Under the terms of the tender, the agency needs services in the field of cloud information security platforms, development, operation and maintenance of IT systems, etc. The contract is expected to be awarded for 10 years.^[1]

Facial Recognition System

Main article: FBI facial recognition system

2023

Confirmation of surveillance of politicians and ordinary citizens

On May 19, 2023, the US Foreign Intelligence Surveillance Court released an opinion dated April 2022, which states that the FBI has been conducting unauthorized surveillance of American politicians and ordinary citizens for years.

We are talking about non-compliance with the requirements of section 702 of the so-called Act on Secret Surveillance for Foreign Intelligence (FISA). This is a US federal law that defines physical and electronic surveillance procedures. Section 702 allows US intelligence agencies to listen to phone calls and read electronic correspondence of citizens of other countries without a court order. As part of this article, a huge database has been formed containing a wide variety of information, including emails, text messages, call records, etc. US intelligence agencies use the base "to prevent terrorist attacks and collect information about the intelligence activities of foreign governments."

FBI has been conducting unauthorized surveillance of American politicians and ordinary citizens for years

The FBI is supposed to follow strict procedures because using the base allows the agency to skip the normal stage of obtaining a warrant from a federal court to collect information about Americans. However, as the investigation showed, during 2020 and early 2021 alone, the FBI abused the database more than 278 thousand times, sending requests that did not comply with the rules of the Ministry of Justice. Often, information was searched about Americans who had nothing to do with national security issues.

The FBI acknowledged the violations and said it had recently fixed the problem by clarifying to its agents and analysts what they could look for in the base and what they might not. However, the existence of the base and its maintenance in its current state is the subject of lawsuits by the American Civil Liberties Union, which tried to get it to be declared unconstitutional by the courts.^[2]

Computer network hacking

On February 17, 2023, the Federal Bureau of Investigation (FBI) reported a cyber attack on its computer network. Specialists of the department have already begun to investigate the incident.

According to CNN, the main body of counterintelligence and anti-terrorist activities of the United States has not yet named the source of the invasion. It is said that FBI specialists have been working for a certain time to isolate malicious cyber activity. As of February 17, 2023, the attack was localized, but no details about the cyber campaign were disclosed.

Almost nothing is known about the attack

The FBI is aware of the incident and is working to obtain more information. This is an isolated incident that was localized. Since this is an ongoing investigation, the FBI has no comment yet, department officials said.

According to two CNN sources, who wished to remain unknown, the attack affected the FBI regional office New York in - one of the bureau's largest and most authoritative offices. The agency itself believes that the incident is related to a computer system that was used to investigate crimes related to the sexual exploitation of children. The resource TechCrunch indicates that very little information is disclosed about the incident.

It's not clear exactly when the invasion took place or how the FBI was compromised. The nature of the incident, which, it seems, has not yet been announced by any large cybercriminal organization, also remains unclear, writes TechCrunch.

This is not the first time the FBI has been compromised. In November 2021, attackers hacked the department's external email system to send spam messages warning hundreds of thousands of organizations of a fake cyber attack. The FBI said at the time that it had fixed a software vulnerability related to the incident.^[3]

Site blocking in Russia

At the end of January 2023 Roskomnadzor , he blocked Russia access to sites, the Central Intelligence Agency Federal Bureau of Investigation, as well as platforms for combating terrorism and counterintelligence. State Department USA More. here

Arrest of FBI officer for helping lift US sanctions on Oleg Deripaska

Former senior FBI official Charles McGonigal was arrested in the United States in January 2023 for helping to lift sanctions on Russian businessman Oleg Deripaska.

Together with Mr. McGonigal, a man named Sergei Shestakov was arrested. In a press release from the US Department of Justice, he is called a court translator. Mr. Shestakov faces the same charges as Charles McGonigal.

2022

Hacking the FBI network and stealing data

On December 13, 2022, it became known that cybercriminals gained access to the InfraGard system controlled by the Federal Bureau of Investigation (FBI) and stole information about tens of thousands of users. This data is put up for sale on one of the hacker forums. Read more here.

FBI double agent reveals Chinese intelligence actions

In October 2022, it became known that two Chinese intelligence officers paid a bribe in bitcoins worth about $61 thousand to an FBI officer to obtain information related to the US federal investigation into a telecommunications company from China. According to the United States Department of Justice, a criminal case has been opened against Chinese citizens Gochong He and Zheng Wang, they are charged with trying to obstruct criminal prosecution.

According to court documents, the defendants, starting in 2019, instructed a US civil service officer, whom they believe they recruited as an agent, to steal confidential information. But in fact, he worked as a double agent of the FBI.

Launch of cryptocurrency division

In February 2022, Deputy Attorney General USA Lisa Monaco announced that she FBI was launching a new cryptocurrency unit that would focus on analyzing blockchain and withdrawing virtual assets.

"The careful work of law enforcement has challenged the pursuit of digital anonymity by showing that the MoJ can still monitor money, regardless of its form, cryptocurrency is not a safe haven for criminals."

2021

FBI has full access to WhatsApp

On November 29, 2021, as a result of a data leak, an FBI document was released, which shows that the "personal" messaging applications WhatsApp and iMessage are very vulnerable to searches by law enforcement agencies. Read more here.

Hacking the FBI postal system

In mid-November 2021, hackers sent thousands of fake emails from the real address of the Federal Bureau of Investigation (FBI), warning recipients that their networks were being attacked by a reputable cybersecurity researcher. Hackers sent about 100,000 fake letters allegedly from the FBI warning of a cyber attack on the addressee's systems. The letters indicated that cyberattack was carried out by cybersecurity expert Winnie Troy, who in 2020 conducted an investigation into the hacker group The Dark Overlord.

The emails were sent by individuals who did not have access to the FBI's technology infrastructure, and someone who abused the incorrectly configured web portal, the department confirmed. The Federal Bureau of Investigation claims that no data was available or compromised when a series of fake emails were sent from a server owned by the agency. According to the agency, the incident occurred due to incorrect configuration software (software).

Hackers hacked the FBI mail system and organized a mockery newsletter

The letters were sent in two waves in the early hours of November 13, 2021, according to the Spamhaus Project, a non-profit international cyber intelligence organization based in Andorra. Spamhaus first reported the incident on a social media site after it was made aware of bizarre emails allegedly coming from the FBI and the US Department of Homeland Security. The FBI later confirmed that the fake letters were sent from the @ ic.fbi.gov account. According to the statement of department, the server intended for mailing of notifications to law enforcement agencies of states and local authorities was used and was not a part of corporate post service FBI.

As soon as we learned of the incident, we quickly fixed the vulnerability in the software, warned partners not to pay attention to fake emails, and confirmed the integrity of our networks, the FBI said in an official statement.

There were no phishing links, as well as links to malware or attached files in the letters, only text information. According to experts, hackers either wanted to defame cybersecurity specialist and founder of Night Lion Security Winnie Troy, or overload the FBI's phone channels with calls from worried Americans.^[4]

Smartphones with OS from the FBI appeared on the secondary market

July 13, 2021 became known about the appearance on the secondary market smartphones under the management operating system Arcane developed by the Federal Bureau of Investigation (). FBI More. here

2019

FBI will be repurposed to combat cyber activity of Russia and China

The Federal Bureau of Investigation (FBI) launched in the spring of 2019 a large-scale program to retrain and repurpose its agents in the class of combating cybercrime, reports The Wall Street Journal. This is the largest program of its kind since the September 11, 2001 terrorist attack "^[5] 9/11^[6]

According to the new head of the FBI's cybercrime, response and service division, Amy Hess, the current situation is very similar to the changes that took place in the bureau after the September 11 attacks. "I grew up in the FBI working on criminal investigations - I worked on violent crime, gangs and drugs. Then it happened on September 11. And there was a feeling that we were all transferred to the fight against terrorism, "explains Hess, specifying that now there is the same change in the direction of work, only towards the fight against cybercrime

Recall, created in 1908, the FBI was originally a small office inside the Ministry of Justice, whose task was to combat prostitution, bank robberies and bootlegging. Gradually, the scope of the bureau expanded to include the fight against organized crime, foreign espionage and drug transportation.

Why do you need it?

The measure is caused by the fact that at the moment the United States cannot effectively withstand cyber threats directed against the country. As the FBI explained, this is primarily about the alleged interference of Russian hackers in the electoral process and the theft of data from American companies by China. According to FBI Director Christopher Wray, at the moment all 56 field offices of the bureau have opened some kind of investigation into economic espionage, traces of which are leading to China.

According to Third Way, a center-left think tank in Washington, law enforcement officers are currently taking action in the United States against less than 1% of all cybercrime incidents. As a rule, only the most serious threats are selected for investigation, such as attacks of a national scale or sophisticated transnational crimes.

2017

Russian trace found in FBI fingerprint analysis software

The software used by the US Federal Bureau of Investigation and other US law enforcement agencies contains code developed by a Russian company, Buzzfeed writes at the end of 2017, citing a number of documents and knowledgeable persons^[7].

According to the resource, a French company, previously part of the Safran conglomerate, allegedly secretly acquired Russian development, introduced it into its software and deliberately hid this fact from the FBI. The speculation has added to concerns that so-called "Russian hackers" could gain access to the biometric data of millions of Americans and even compromise computer systems that are used in the interests of national security and law enforcement.

FBI blindly hacked computers in Russia

The FBI routinely hacked devices abroad as part of standard FBI criminal investigations^[8], according to released court ^[9].

During the investigation of the Playpen website, which distributed child pornography, in 2015, the FBI hacked devices in Russia, China, Iran and other countries, according to The Daily Beast. A hacker operation using malware was carried out on the Deep Web (the shadow part of the Internet). Playpen visitors entered the site via Tor, so their real IP addresses were hidden, and law enforcement officers did not initially know the true location of those they hacked.

When law enforcement in another country determined that Playpen was actually managed from U.S. territory, the FBI seized the site's servers. However, law enforcement officers did not close it immediately, but moved the servers to a government facility, and for another 13 days Playpen continued to work. During this period, the FBI used malware to hack into the computers of visitors to the site and obtain information about them. In particular law enforcement authorities were interested in the IP addresses allowing to define location of users.

In total, the FBI hacked 8,000 systems in 120 countries. Hundreds of suspects were arrested as a result of the operation, as well as hundreds of children who were victims of violence were identified. However, the bureau did not report that some of the hacked computers were in, to put it mildly, unfriendly US states.

According to experts, such a blind "knocking out of the digital doors" of non-allied US states can lead to geopolitical conflicts. If the FBI considers itself entitled to hack devices in foreign countries, then the law enforcement agencies of these countries can also hack devices in the United States as part of their own investigations, said Scarlet Kim, legal adviser to the human rights organization Privacy International.

FBI needs experts

About 40% of jobs cyber security in the Federal Bureau of Investigation Department FBI () remain vacant. This is evidenced by the report on the implementation of the national cybersecurity strategy USA in 2015, which was published by the Ministry of Justice^[10]

According to the ministry, the FBI was supposed to staff 134 information security researchers. However, 52 seats are still not occupied. In addition, 56 FBI field offices do not have their own assigned to the information security specialist office

Increase funding for cyber units

US President Donald Trump proposed in March to significantly increase funding for cyber units of the FBI and the US Department of Homeland Security. It is planned to allocate an additional $61 million a year to combat cybercrime and track terrorist communications on the Internet.

"The FBI will be able to direct expanded resources to its high-class special agents and analysts, as well as invest $61 million more in the fight against terrorism, foreign intelligence and cyber threats, as well as counter threats to public and national security arising from the use of encrypted developments and services by aggressors," - said in a project proposed by President Trump^[11].

If this project is adopted, the FBI budget in 2018 as a whole will grow by $249 million (by 3% compared to 2017), although most of the additional funds will go to the fight against drug dealers.

As for the fight against cyber crime, the Trump project calls for a significant increase in interaction between government agencies and the private sector. The center for the exchange of information on current threats should be the Department of Homeland Security, which will be allocated $1.5 billion to ensure the protection of federal networks and critical infrastructure from hackers.

Moving GMail servers to Russia will not save correspondence from the FBI

In February 2017, an American court ordered Google to publish the correspondence of mail service customers located on servers outside the United States. According to Reuters, by decision, the letters should be transferred to the FBI officers leading^[12] investigation^[13] will ^[14].

According to the ministers of Themis, the order is not "serious interference" and "a violation of the interests of account owners." "Extracting Google data from its numerous data centers abroad in the future can be assessed as an invasion of privacy, but in fact, a violation of the confidentiality of information occurs at the time of its disclosure in the United States," the newspaper notes.

Google announced that they intend to appeal the court order, noting that the judges "did not take the previously established precedent."

2016

US legalized FBI's right to hack PCs around the world

Amendments to Article 41 entered into force

On December 1, 2016, changes in US law came into force that would significantly expand the powers of the FBI and other intelligence agencies to conduct cyber operations during^[15] investigation^[16].

From now on, any US district judge can issue an FBI warrant to hack computers anywhere in the world. Previously, the validity of the warrant was limited to the county where it was issued.

The corresponding amendments to Article 41 of the Federal Rules of Criminal Procedure were approved by the US Supreme Court in April 2016. Today they entered into force, despite fierce opposition from parliamentarians.

«Pros and cons»

Since any warrant can now authorize cyber operations anywhere, the FBI no longer needs to seek consent from a judge in the exact county where the investigation is being conducted. Critics of the amendments argue that the bureau will begin to appeal exclusively to those judges who are loyal to the authorities, which will make obtaining a warrant a very easy task.

The Justice Department, which promoted the draft amendments, made the case for the changes. For example, the FBI will now be able to plan operations against those cybercriminals who hide their location, as well as more effectively combat large-scale attacks by botnets and ransomware.

Contract attack on Trump presidential candidates about alleged ties to Russia

Special counsel John Durham, Donald Trump appointed under the president, released a report in May 2023 saying FBI agents lacked "factual evidence" when they opened an investigation into collusion by members of Trump's 2016 presidential campaign with. Russia

[1]According to the 300-page document, the intelligence agency used "raw and unconfirmed intelligence" to motivate the start of the investigation. The special prosecutor noted that during the investigation, investigators paid too much attention to the data provided by Trump's political competitors.

Investing in mass surveillance technologies

In June 2016, it became known about the plans of the US FBI to spend "hundreds of millions of dollars" on mass surveillance technology. We are talking, perhaps, about methods of gaining access to data on user devices without the help of operators or providers. This is allowed without a court warrant^[17] of^[17]

The Intercept reported on the Federal Bureau of Investigation's intentions to direct "hundreds of millions of dollars" to develop technology that will help ensure US national security and investigate crimes. The FBI does not voice the exact amount.

Center for Monitoring and Control, (2013)

The development of secret technology is carried out by Operational Technology Division (OTD). In December 2015, The Washington Post reported that the budget of this unit is from $600 million to $800 million. At the same time, for 2017, the FBI asked for an additional $123 million, including $85 million to strengthen its own information security and $38 million for events related to decoding encrypted communication channels and exposing anonymous Internet users.

OTD interests can be associated with the ability to control users of mobile devices without contacting operators and service providers. In June, a seminar was held in the United States, organized by the Council on Computer Engineering and Telecommunications at the National Academy of Sciences, Mechanical Engineering and Medicine with money from National Intelligence. The event discussed the technical implementation of data access on secure devices without violating the security of these devices.

The FBI seeks to keep the technology that it uses in its investigations, both on a local and global scale, secret. One of them is Stingrays technology, which simulates the operation of a cell site and intercepts calls, allowing you to listen to them and determine the location of the subscriber.

The Federal District Court for the Eastern District of Virginia decided that the FBI could hack into the computers of American citizens without obtaining a court warrant. The decision was made as part of the Playpen child pornography website.

During the hearing, one of the suspects declared a violation of his rights by the FBI, gaining access to the IP address of his computer, they say, he refers to personal data. The judge in response to this stated that the IP address does not apply to personal data.

Google publishes FBI letters requesting user data for the first time

Google provides an opportunity to look into the world of national security letters for the first time - requests from the FBI demanding data on account owners and keep the fact of such requests secret^[18].

These letters are part of the business for Google and other large Internet companies, but traditionally they have been removed from the right to recognize the existence of such letters. This changed in 2013, when, in light of revelations about internet surveillance by US intelligence agencies, Google and others began to fight for the right to disclose more information about requirements from the FBI.

This led to the creation of a "transparency report" by Google, which showed that every month the company receives thousands of requests from law enforcement agencies around the world regarding user data. The national security letters remained secret, but Google published some of them on Tuesday that are no longer subject to nondisclosure rules.

The eight letters cover the period from March 2010 to September 2015 and contain enquiries about 21 accounts.

The exact email addresses were hidden. On all but one, the username was hidden, in order to show that all these accounts belong to "gmail.com." Only one email address was provided in full, hinting that it may be the address of other email services hosted on Google servers. All the letters are similar. Each of them refers to law 18 US Code § 2709^[19] and indicates the obligation of Google to provide the name, address, term of service and records of electronic transactions related to the account. They note that the FBI is not interested in the topic or content of the email messages sent.

"By fulfilling your obligations in accordance with this letter, please do not disconnect, suspend, block, cancel and interrupt the provision of services," the letter says.

2015: Google passed data on Wikileaks employees to FBI for years

• Google's relationship with governments and intelligence agencies around the world

In the British press in early 2015, information appeared that the management of WikiLeaks went to Google with a demand to explain the long-term transfer of information about the personal correspondence of some employees of the site to the FBI. According to reports, information on three employees was transmitted over a three-year period^[20] for^[21].

The court warrant was obtained by Google back in the spring of 2012, it required, without notifying persons, to provide full access to information about accounts, phones and correspondence of three employees of the notorious site. At the same time, users were notified about the transfer of data only in December last year.

WikiLeaks was outraged by this behavior of Google, which for a long time hid the fact of such a transfer, which violated the legal rights of people to protect their privacy. Among the requirements of the online publication are the disclosure of information about the transmitted information, the presence of other requests from the American special services, as well as a list of actions that were taken by Google to ensure the security of its customers.

It is worth noting that this is not the first time that Google is accused of providing the full volume of data about its users at the request of the special services, and the leadership of the American giant does not hide that they will provide all the necessary data for court requests and beyond.

Recall that Julian Assange last fall compared Google with accomplices of special services who are engaged in espionage at the request of the FBI, NSA and other departments. As for Assange himself, he has been hiding in London on the territory of the Ecuadorian Embassy for 2.5 years.

2001: FBI entitled to any internet user data

In 2001, the United States adopted the Anti-Terrorism Act, according to which a new document was introduced into the use of federal services - a letter-requirement for the disclosure of personal confidential information for national security purposes. The difference between a letter and a court warrant is that the letter can be written by FBI or another service on its own, without the participation of a judge. By presenting such a letter to the company, the FBI can access any user data and prohibit management from informing him about it.

1972: Release of 86 hostages on plane seized in Maya

On July 31, 1972, George Wright and other members of the Chernaya Liberation Army captured a DC-8 passenger plane of the American Delta airline in Miami. The terrorist dressed as a sutana and pretended to be a clergyman. He managed to carry a gun on board, hiding the weapon in the Bible.

86 people were held hostage. For their release, Wright demanded a million dollars in cash. He put forward a condition: money in small denominations should be brought by FBI agents dressed only in swimming trunks. George and his aides wanted to be confident that the agents would be unarmed. The authorities agreed. Photos of FBI agents in swimming trunks were then published by all American newspapers.

An FBI agent stripped to his underpants brings $1 million in a suitcase as a ransom for 86 hostages, Miami, July 1972.

The terrorists released the passengers, but not the crew members. The pilots were ordered to fly first to Boston, where the liner had to be refueled, and then to Algeria. The police of this country confiscated the money from Wright, but did not detain him or his friends. After that, the hijackers disappeared without a trace. Some of them were arrested in Paris in 1976. George Wright was not among them.

FBI is already desperate to find the gunman, but after 40 years, in 2011, he ventured into contact with his relatives in the US. It turned out that all these years he was hiding in Portugal, where he traded souvenirs on the beach and worked as a bouncer in a bar. There, at the age of 68, the local police took him.

1963

Soviet caricature "Telephone Communication in the USA," 1963.

1944

Fingerprint files at the FBI, 1944.

Notes