After a seven-year effort to obtain information from the Federal Bureau of Investigation (FBI) through a Mandatory Declassification Review (MDR), The Black Vault has finally succeeded in acquiring a previously unreleased document, albeit heavily redacted. Before this release, only brief citations were found in other files, also released to The Black Vault by the FBI.
This request (case number 1363960-000), filed on December 16, 2016, asked for a review of the FBI’s Cyber National Threat Assessment for the year 2008, as found in the reference citation above. The document, dated June 22, 2009, is an intelligence assessment by the FBI.
The document provides an in-depth analysis of the cyber threats to the United States, focusing on remote system intrusions or unauthorized access against the nation and its critical infrastructure. It covers the period from June 30, 2007, to July 1, 2008, while also incorporating earlier material for context. The assessment addresses various aspects of cyber threats, including tactics, techniques, and procedures used against process control systems, financial institutions, government networks, and the supply chain. It also explores the potential use of tools and technologies such as IPv6 and virtual worlds by malicious actors.
One of the key highlights of the document is the emphasis on the persistent threat posed by botnets. The assessment states, “Botnets continue to pose a threat to US critical infrastructures. These networks of compromised computers can be used to wage denial of service attacks against targeted online entities, conduct phishing and spamming campaigns, and steal passwords and other login credentials”.
The document also sheds light on the evolving nature of cyber threats, noting that attackers continuously develop new methods to exploit vulnerabilities. It mentions that “Attackers typically collect passwords, login credentials, keystrokes, credit card numbers, and personally identifying information from botnet victims”, highlighting the diverse objectives of cyber attackers.
The document remains heavily redacted, citing exemptions such as (b)(1), (b)(3), (b)(6), (b)(7)(C), and (b)(7)(E). These exemptions under the Freedom of Information Act (FOIA) and the Privacy Act, which justify the withholding of information from public disclosure, are defined as the following:
As noted in the release letter, the redactions were made by the United States Air Force – Office of Special Investigations (AFOSI), National Security Agency (NSA), Office of the Director of National Intelligence (ODNI), and United States Cyber Command (USCYBERCOM).
The heavy redactions in the document indicate the sensitivity of the information related to national security and law enforcement techniques, even after 15 years since it was originally written.
Follow The Black Vault on Social Media:
This post was published on April 5, 2024 1:49 pm
The Black Vault has uncovered information about the Air Force’s Marauder system through a recent…
In the late 1990s and early 2000s, the FBI's Carnivore system drew considerable attention and…
The Defense Advanced Research Projects Agency (DARPA) has unveiled its latest X-plane, the XRQ-73, under…
The following list of documents pertain to famous gangsters and the men who caught them.…
Background Welcome to the FBI Files on Historical Figures & Groups archive at The Black…
The release of a Freedom of Information Act (FOIA) document by the U.S. Nuclear Regulatory…