Every security and criminal threat that the FBI faces has a cyber or tech component that is increasing in frequency and sophistication, presenting tremendous challenges for FBI investigators, the bureau's director, Christopher Wray, told members of the Senate Homeland Security and Government Affairs Committee Wednesday.
We face sophisticated cyber threats from foreign intelligence agencies, hackers for hire, organized crime syndicates, and terrorists. Threat actors—foreign intelligence agencies, organized groups, terrorists and hackers for hire—“constantly seek to access and steal our nation's classified information, trade secrets, technology, and ideas—all of which are of great importance to our national and economic security,” Wray said in his opening statement, noting that critical infrastructure and the U.S. economy are in their crosshairs. “The frequency and impact of cyberattacks on our nation's private sector and government networks have increased dramatically in the past decade and are expected to continue to grow,” as is reporting of malicious activity, gauged “by the amount of corporate data stolen or deleted, personally identifiable information compromised, or remediation costs incurred by U.S. victims.”
Wray said the FBI is increasing its efforts to intertwine intelligence and operations, asking Congress to renew Section 702 of the Foreign Intelligence Surveillance Act (FISA) without a sunset provision.
“Section 702 is a critical tool that the intelligence community uses properly to target non-U.S. persons located outside the United States to acquire information vital to our national security,” he said, offering assurances that the program won't encourage government overreach. “To protect privacy and civil liberties, this program has operated under strict rules and been carefully overseen by all three branches of the government.
Echoing his successor, Wray expressed frustration with the “real and growing gap between law enforcement's legal authority to access digital information and its technical ability to do so.”
Noting that “the exploitation of encrypted platforms presents serious challenges to law enforcement's ability to identify, investigate, and disrupt threats that range from counterterrorism to child exploitation, gangs, drug traffickers and white-collar crimes,” Wray said the FBI's “aim is not to expand the government's surveillance authority, but rather to ensure that we can obtain electronic information and evidence pursuant to the legal authority that Congress has provided to us to keep America safe.”
The challenge will continue to grow as society becomes more reliant on electronic devices to communicate and store data. “When changes in technology hinder law enforcement`s ability to exercise investigative tools and follow critical leads, those changes also hinder efforts to identify and stop terrorists who are using social media to recruit, plan, and execute an attack in our country,” he said.
If the bureau can't access evidence stored in laptops and other devices, “it will have ongoing, significant impacts on our ability to identify, stop, and prosecute these offenders,” Wray said, noting that “in the first 10 months of this fiscal year, the FBI was unable to access the content of more than 6,000 mobile devices using appropriate and available technical tools, even though there was legal authority to do so,”…or "slightly over half of all the mobile devices the FBI attempted to access in that time frame.”