The White House says Section 702 is critical for cybersecurity, yet public evidence is sparse | CyberScoop<\/title> <meta name=\"description\" content=\"An FBI official told CyberScoop that a "plurality" of Section 702 searches pertain to investigations into nation-state cyberattacks.\"> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/white-house-section-702-fisa-surveillance\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"The White House says Section 702 is critical for cybersecurity, yet public evidence is sparse\"> <meta property=\"og:description\" content=\"An FBI official told CyberScoop that a "plurality" of Section 702 searches pertain to investigations into nation-state cyberattacks.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/white-house-section-702-fisa-surveillance\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2023-06-02T19:14:33+00:00\"> <meta property=\"article:modified_time\" content=\"2023-06-02T19:15:02+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg\"> <meta property=\"og:image:width\" content=\"1920\"> <meta property=\"og:image:height\" content=\"1280\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Tonya Riley\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@tonyajoriley\">  <link rel=\"dns-prefetch\" href=\"\/\/cdn.parsely.com\">\n<link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-0\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1684764845g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress-next\/dist\/css\/related-posts-block-styles.min.css?m=1685722702g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-4\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1685981853g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=172264176d4de0f97962\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/74370\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<link rel=\"wlwmanifest\" type=\"application\/wlwmanifest+xml\" href=\"https:\/\/cyberscoop.com\/wp-includes\/wlwmanifest.xml\">\n<meta name=\"generator\" content=\"WordPress 6.2.2\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=74370\">\n<link rel=\"alternate\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fwhite-house-section-702-fisa-surveillance%2F\">\n<link rel=\"alternate\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fwhite-house-section-702-fisa-surveillance%2F&format=xml\">\n<meta name=\"parsely-title\" content=\"The White House says Section 702 is critical for cybersecurity, yet public evidence is sparse\"><br \/>\n<meta name=\"parsely-link\" content=\"http:\/\/cyberscoop.com\/white-house-section-702-fisa-surveillance\/\"><br \/>\n<meta name=\"parsely-type\" content=\"post\"><br \/>\n<meta name=\"parsely-image-url\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?w=150&h=150&crop=1\"><br \/>\n<meta name=\"parsely-pub-date\" content=\"2023-06-02T19:14:33Z\"><br \/>\n<meta name=\"parsely-section\" content=\"Government\"><br \/>\n<meta name=\"parsely-tags\" content=\"china,fbi,nsa,ransomware,russia,section 702\"><br \/>\n<meta name=\"parsely-author\" content=\"Tonya Riley\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-74370 single-format-standard\" id=\"readabilityBody\"> <svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-dark-grayscale\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0 0.49803921568627\" \/><feFuncG type=\"table\" tableValues=\"0 0.49803921568627\" \/><feFuncB type=\"table\" tableValues=\"0 0.49803921568627\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-grayscale\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0 1\" \/><feFuncG type=\"table\" tableValues=\"0 1\" \/><feFuncB type=\"table\" tableValues=\"0 1\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-purple-yellow\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0.54901960784314 0.98823529411765\" \/><feFuncG type=\"table\" tableValues=\"0 1\" \/><feFuncB type=\"table\" tableValues=\"0.71764705882353 0.25490196078431\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-blue-red\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0 1\" \/><feFuncG type=\"table\" tableValues=\"0 0.27843137254902\" \/><feFuncB type=\"table\" tableValues=\"0.5921568627451 0.27843137254902\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-midnight\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0 0\" \/><feFuncG type=\"table\" tableValues=\"0 0.64705882352941\" \/><feFuncB type=\"table\" tableValues=\"0 1\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-magenta-yellow\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0.78039215686275 1\" \/><feFuncG type=\"table\" tableValues=\"0 0.94901960784314\" \/><feFuncB type=\"table\" tableValues=\"0.35294117647059 0.47058823529412\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-purple-green\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0.65098039215686 0.40392156862745\" \/><feFuncG type=\"table\" tableValues=\"0 1\" \/><feFuncB type=\"table\" tableValues=\"0.44705882352941 0.4\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg><svg viewBox=\"0 0 0 0\" width=\"0\" height=\"0\" focusable=\"false\" role=\"none\"><defs><filter id=\"wp-duotone-blue-orange\"><feColorMatrix color-interpolation-filters=\"sRGB\" type=\"matrix\" values=\" .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 .299 .587 .114 0 0 \" \/><feComponentTransfer color-interpolation-filters=\"sRGB\"><feFuncR type=\"table\" tableValues=\"0.098039215686275 1\" \/><feFuncG type=\"table\" tableValues=\"0 0.66274509803922\" \/><feFuncB type=\"table\" tableValues=\"0.84705882352941 0.41960784313725\" \/><feFuncA type=\"table\" tableValues=\"1 1\" \/><\/feComponentTransfer><feComposite in2=\"SourceGraphic\" operator=\"in\" \/><\/filter><\/defs><\/svg> <a href=\"https:\/\/cyberscoop.com\/white-house-section-702-fisa-surveillance\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--newsletter js-stickybar\" readability=\"0.82\"> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"25.406679764244\">\n<div class=\"single-article__header-content\" readability=\"30.384905660377\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/news\/government\/\"> <span>Government<\/span> <\/a> <\/li>\n<\/ul>\n<p> An FBI official told CyberScoop that a “plurality” of Section 702 searches pertain to investigations into nation-state cyberattacks. <\/p>\n<\/p><\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg 1920w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2023\/06\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse-1.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> Senate Intelligence Committee Co-Chair Mark Warner, seen here at the U.S. Capitol on April 19, told CyberScoop he’s “frustrated” that more examples of Section 702 related cases haven’t been made public. (Photo by Chip Somodevilla\/Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"121.93436624105\"><body readability=\"244.5839199124\"><\/p>\n<p>Since the Biden administration came out in favor of reauthorizing Section 702 of the Foreign Intelligence Surveillance Act in February, the intelligence community has pointed to the growing threat of foreign cyberattacks on the U.S. as a key argument in favor of the controversial surveillance tool. <\/p>\n<p>Officials have made broad and general declarations, pointing to wide-ranging applications <a href=\"https:\/\/www.nsa.gov\/Press-Room\/News-Highlights\/Article\/Article\/3266166\/keynote-speech-by-gen-paul-m-nakasone-at-the-privacy-and-civil-liberties-oversi\/\" target=\"_blank\" rel=\"noreferrer noopener\">that include<\/a> thwarting multiple ransomware attacks against U.S. critical infrastructure, finding out a foreign adversary had hacked sensitive information related to the American military and uncovering a cyberattack against critical federal systems.<\/p>\n<p>Yet, 15 years into Section 702\u2019s history, declassified examples of thwarting cyberattacks are sparse. In the little over three months that the Biden administration has been <a href=\"https:\/\/cyberscoop.com\/congress-section-702-surveillance-biden-white-house\/\">publicly advocating for the renewal of Section 702<\/a>, it hasn\u2019t mentioned a single specific public incident where Section 702 was used, despite a term marked by both ample cyber attacks and well-publicized takedowns of foreign hackers.<\/p>\n<p>That lack of transparency and specificity doesn\u2019t appear to be helping the Biden administration in what will likely be an uphill battle for Congress to reauthorize the authority before it sunsets in December. Even some of the authority\u2019s greatest supporters have expressed frustration.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cWhether it\u2019s helping to identify victims so they can be notified of the attack or helping to identify ransomware actors, 702 has been invaluable over the past several years,\u201d Sen. Mark Warner, D-Va., told CyberScoop in an email. \u201cHowever, I am frustrated that more of these compelling examples have not yet been made public.\u201d<\/p>\n<p>Warner\u2019s office confirmed that the intelligence community has shared examples of the tool\u2019s cyber significance in classified settings but declined to elaborate.<\/p>\n<p>\u201cWhile it\u2019s important that we do not risk sources and methods, it is also critical that we explain to the American people what will be lost and how they would be increasingly vulnerable to cybercriminals and foreign governments if this authority were allowed to expire,\u201d the Senate Intelligence chairman wrote.<\/p>\n<p>Adam Hickey, former assistant attorney general of the Justice Department\u2019s national security division, echoed Warner\u2019s concerns. \u201cI think they\u2019re fighting with one hand behind their back,\u201d said Hickey, now a partner at the law firm Mayer Brown. \u201cOn the one hand, you don\u2019t want the very people who pose a threat to understand your capabilities, because they will work around them \u2026 On the other hand, you don\u2019t want to be so careful to avoid that risk that you lose the very authority itself.\u201d <\/p>\n<p>The reticence also isn\u2019t helping the civil liberties community, either, who have challenged the intelligence community\u2019s persistent claims that any reforms to Section 702 that slow down investigators would imperil America\u2019s national security. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cIf that\u2019s what the FBI is going to say \u2014 not only is it useful for cyber, but it\u2019s useful in this preventive way, this very rapid way \u2014 I think this claim needs to be able to be backed up with some examples,\u201d said Jake Laperruque, deputy director at the Security and Surveillance Project for the Center For Democracy & Technology.<\/p>\n<p>Section 702 was first passed in 2008 as an amendment to FISA, pitched initially as a key tool in America\u2019s fight against terrorism. The authority allows the U.S. government to collect the U.S.-based communications of non-Americans outside the country. The collection of the data of U.S. citizens using Section 702 is prohibited, but such data is often swept up in the surveillance in \u201cincidental collection.\u201d This data can be searched by the FBI under certain statutory requirements.<\/p>\n<p>While the amount of FBI searches of 702 data has fluctuated over time, the amount of those searches related to cybersecurity has steadily increased. In a recent interview with CyberScoop, a senior FBI adviser confirmed that \u201cabout half\u201d or a \u201cplurality\u201d of Section 702 database searches made by the agency today relate to the investigation of malicious, state-sponsored cyber attacks. While the adviser couldn\u2019t say how much of an increase that was from previous years, they said it was reflective of an overall shift in the agency\u2019s work toward more cyber investigations.<\/p>\n<p>\u201cOur use of the authority in the FBI and across the intelligence community is weighted a lot more heavily towards cyber now than it was five years ago,\u201d the senior FBI adviser said. \u201cPart of that use of this authority is reflective of its value, and the fact that we are just doing more work in this field and we\u2019re seeing cyber threats increase over time.\u201d<\/p>\n<p>While the FBI adviser couldn\u2019t share any specific examples, there is some limited data about how Section 702 data has shown up in cyber investigations. For instance, in its 2022 annual transparency report the ODNI wrote that of the 3.4 million searches made by the FBI in 2021, <a href=\"https:\/\/www.cnn.com\/2022\/04\/29\/politics\/intel-report-fbi-searches\/index.html\">nearly two million<\/a> were related to an investigation into an alleged attempt by Russian hackers to break into critical infrastructure. The searches helped to identify potential victims, officials said at the time. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>The number of FBI searches <a href=\"https:\/\/cyberscoop.com\/fbi-702-fisa-americans-digital-data\/\">declined dramatically in 2022<\/a>, in part due to a new methodology used by the FBI to count searches. <\/p>\n<p>\u201cCyberattacks happen at a larger scale. And therefore, the amount of information collected and queried on cyber attacks is just proportionately larger,\u201d said Tom Bossert, the former United State Homeland Security adviser under the Trump administration. \u201cYou can imagine hundreds of thousands of attempted cyber attacks in any given period of time, and perhaps only five terrorist phone calls in that same period.\u201d<\/p>\n<p>In its early days, Section 702 was branded as a powerful counter-terrorism tool, reflecting the intelligence community\u2019s focus at the time. In fact, some of the program\u2019s biggest declassified successes involve foiling terrorist plots and taking down their leaders. Most recently, last summer Section 702 intelligence <a href=\"https:\/\/abcnews.go.com\/Politics\/top-us-officials-sound-alarm-coming-expiration-critical\/story?id=97527110#:~:text=Section%20702%2Dacquired%20information%20helped,helped%20authorities%20disrupt%20foreign%20adversaries'\">led to a successful operation<\/a> against al-Qaeda leader Ayman al-Zawahiri. <\/p>\n<p>It was only in 2017 amidst the last renewal debate that cybersecurity began to take a more leading role, with examples of thwarted ransomware attempts <a href=\"https:\/\/www.nsa.gov\/Press-Room\/News-Highlights\/Article\/Article\/1627009\/section-702-saves-lives-protects-the-nation-and-allies\/\" target=\"_blank\" rel=\"noreferrer noopener\">eclipsing references<\/a> to ISIS and other terrorist cells. Now, it often takes top billing when discussing the threats that nation-states pose to the homeland. In its <a href=\"https:\/\/www.dni.gov\/files\/ODNI\/documents\/assessments\/ATA-2023-Unclassified-Report.pdf\" target=\"_blank\" rel=\"noreferrer noopener\">2023 annual threats assessment<\/a>, the Office of the Director of National Intelligence put China, Russia, North Korea and Iran and their cyber capabilities among the leading threats to the nation.<\/p>\n<p>Bossert, who was in charge of the Trump administration\u2019s efforts to secure a reauthorization in 2017, sees the new strategy in part as reflective of the national security community\u2019s shifting focus. \u201cI think a lot of people will perceive the cyber threat to be real and ever-present. And fewer people find the terrorist threat to be as urgent,\u201d he said. \u201cAnd I\u2019d like to think that\u2019s because we\u2019ve spent 20 years confronting that problem and putting controls in place.\u201d<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Officials say part of the reason Section 702 has become so valuable in thwarting foreign actors is the complicated nature of cyberattacks. In the majority of cases, attackers use U.S. infrastructure as a lily pad into domestic targets. Intelligence officials have often pointed to this as a challenge when trying to follow the activity of foreign actors onto domestic soil, noting it as a <a href=\"https:\/\/therecord.media\/nsa-director-says-u-s-has-a-blind-spot-for-detecting-attacks-like-solarwinds-microsoft-exchange\">\u201cblind spot\u201d<\/a> that contributed to the failure to detect Russian hackers during the SolarWinds attack.<\/p>\n<p>Section 702, they say, fills restores that visibility. \u201cIt is an authority that lets us do collection against a known foreign entity who chooses to use U.S. infrastructure,\u201d NSA director of cybersecurity Rob Joyce told a crowd at the RSA Conference in April. \u201cAnd so it makes sure that we don\u2019t afford the same protections to those foreign malicious actors who are on our infrastructure as we do the Americans who live here.\u201d<\/p>\n<p>\u201cI can\u2019t do cybersecurity at the scope and scale we do it today without that authority,\u201d he added.<\/p>\n<p>The FBI and NSA aren\u2019t alone in praising the tool. This week a senior state department official spoke about how the tool is instrumental in informing the work of U.S. diplomats, <a href=\"https:\/\/cyberscoop.com\/section-702-fisa-state-north-korea\/\" target=\"_blank\" rel=\"noreferrer noopener\">including cybersecurity issues such as North Korean IT fraud<\/a>. <\/p>\n<p>One potential stakeholder the Biden administration has yet to seriously court in the fight to renew Section 702 is industry. The senior FBI adviser stressed how failure to renew the authority would hurt its ability to advise chief information security officers, inundated with warnings about vulnerabilities, about which specific threats are most urgent.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>\u201cThis is one of those things that lets us reach out to specific sectors and even specific companies to say, look, this specific vulnerability is one you want to take care of right now because we\u2019re seeing certain types of actors targeting companies, companies like you, using that,\u201d the senior FBI adviser said. \u201cWe\u2019re going to have a severely constricted optic in all those things if we\u2019re forced to rely solely on other tools.\u201d<\/p>\n<p>Former general counsel of the National Security Agency Stewart Baker has <a href=\"https:\/\/www.lawfareblog.com\/cisos-dont-ignore-fisa-section-702-debate\" target=\"_blank\" rel=\"noreferrer noopener\">made the case<\/a> that the intelligence community should do more to demonstrate to industry how they can benefit from Section 702. \u201cIf I were a CISO, I\u2019d want to weigh in on the kinds of warnings, the kinds of uses of this intelligence in real-time, that would be particularly useful to me.\u201d<strong> <\/strong><\/p>\n<p>Businesses need to understand that if Section 702 goes away, so does that intelligence, says Bossert. \u201cThey shouldn\u2019t just think of this as a national security threat. They should think of this as an enterprise threat to their company. And they should view the US government as a potential partner,\u201d he said.<strong> <\/strong>\u201cIf they expect the US government to continue to be a reliable partner\u2026they have to understand that the underlying information that they have to share is in the government\u2019s holdings because of authorities like 702.\u201d<\/p>\n<p>The senior FBI adviser told CyberScoop that the agency is looking at ways to increase industry engagement on the subject. \u201cThere\u2019s a variety of different stakeholders here. And industry, particularly when we\u2019re talking about cyber, is a very important one,\u201d the senior FBI adviser said \u201cSo that is something that we are going to take a look at going forward about how we can start getting them engaged now that this is really starting to bubble up to the top of the public conversation as well as the conversation on Capitol Hill and in other stakeholder constituencies.\u201d<\/p>\n<p>Even if there were more examples, it\u2019s unclear if Section 702\u2019s purported value in preventing these attacks can overcome the program\u2019s many criticisms, both from lawmakers wielding the power to reauthorize it and civil liberties groups seeking to reform the program. Most of the political pushback against the authority centers around concerns about well-documented abuses of America\u2019s civil liberties, public examples of which have nothing to do with ransomware or foreign actors infiltrating critical infrastructure. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>For instance, a recently declassified 2022 U.S. court ruling found that the FBI had improperly searched for information on Americans in the FISA database 278,000 times, including to spy on political campaigns and protesters. The report sparked outrage from both leading Democrats and Republicans who insist that the program can\u2019t be reauthorized without reforms. <\/p>\n<p>(The FBI argues that it has implemented new compliance measures since those searches occurred to cut down on misuse.)<\/p>\n<p>Officials advocating for Section 702\u2019s reauthorization have been vague about what reforms they would be willing to discuss, instead emphasizing that changes should not diminish the tool\u2019s effectiveness. The reforms sought by advocates and lawmakers may do just that, at least in the eyes of the intelligence community. For instance, the senior FBI adviser said a warrant requirement, one of the top asks from reformers, would make it difficult for the agency to act swiftly to notify ransomware victims.<\/p>\n<p>CDT\u2019s Laperruque noted that courts have long recognized emergency exceptions to the warrant process. Reforms such as adding a warrant requirement to Section 702, which CDT and other groups are advocating for, wouldn\u2019t change that.<\/p>\n<p>\u201cThat\u2019s not going to stop Section 702 from being used for cyber,\u201d said Laperruque. \u201cIt\u2019s going to stop 702 from being used on Black Lives Matter and members of Congress, which is what we\u2019ve seen 702 used for in recent years.\u201d<\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\">\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/white-house-section-702-fisa-surveillance\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The White House says Section 702 is critical for cybersecurity,<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[271,273,117,272,268,46,270,269],"tags":[277,279,119,278,274,54,276,275],"class_list":["post-1395","post","type-post","status-publish","format-standard","hentry","category-china","category-fbi","category-government","category-nsa","category-privacy","category-ransomware","category-russia","category-section-702","tag-china","tag-fbi","tag-government","tag-nsa","tag-privacy","tag-ransomware","tag-russia","tag-section-702"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/china\/\" rel=\"category tag\">China<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/fbi\/\" rel=\"category tag\">FBI<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/government\/\" rel=\"category tag\">Government<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/nsa\/\" rel=\"category tag\">nsa<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/privacy\/\" rel=\"category tag\">Privacy<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/ransomware\/\" rel=\"category tag\">ransomware<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/russia\/\" rel=\"category tag\">Russia<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/section-702\/\" rel=\"category tag\">Section 702<\/a>","tag_info":"Section 702","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1395","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=1395"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/1395\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=1395"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=1395"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=1395"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":1395,"date":"2023-06-02T19:14:33","date_gmt":"2023-06-02T19:14:33","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=74370"},"modified":"2023-06-02T19:14:33","modified_gmt":"2023-06-02T19:14:33","slug":"the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2023\/06\/02\/the-white-house-says-section-702-is-critical-for-cybersecurity-yet-public-evidence-is-sparse\/","title":{"rendered":"The White House says Section 702 is critical for cybersecurity, yet public evidence is sparse"},"content":{"rendered":"