The CCP Cyber Threats to the American Homeland and National Security

Source: Federal Bureau of Investigation FBI Crime News

To combat this threat, the FBI has over 1,000 cyber personnel distributed throughout the United States who respond to incidents every single day. As the most geographically distributed cyber workforce in the federal government, the FBI responds to intrusions that affect not only U.S. critical infrastructure and big-name corporations, but also small businesses, our schools, and local government services in the communities you represent. The FBI’s response to each one of those incidents supports victims and allows us to learn how our adversaries operate—and who they might target next. We share that insight with cybersecurity agencies, the U.S. Intelligence Community (USIC), private industry, and international partners, so the global community of those fighting against cyber threats benefits from the FBI’s access and authorities.

“Investigations” are the umbrella under which the FBI conducts its activities, but that term should not imply that we only respond to events after the fact. Just the opposite: The FBI is focusing our unique authorities—and our ability to engage with international law enforcement, domestic targeted entities and victims, and key technology service providers—to identify and disrupt cyber adversaries before they compromise U.S. networks.

The information that the FBI uniquely collects assists our partner agencies, such as the Cybersecurity and Infrastructure Security Agency (CISA), as we work together to counter our adversaries. For example, FBI collection helps to identify other networks vulnerable to the same adversary technique. We help sector risk management agencies assess and mitigate cyber threats to critical infrastructure. We often provide U.S. Cyber Command or the National Security Agency (NSA) information on a piece of a malicious foreign actor’s infrastructure to disrupt or exploit. FBI collection facilitates the coordinative function of the Office of the National Cyber Director as they ensure coherence across federal cybersecurity. FBI’s collection also helps inform the National Security Council, so they can focus all the instruments of power the government might bring to bear against possible cyber threat actors. We also work with the State Department, including the new Bureau of Cyberspace and Digital Policy (CDP) and the Bureau of International Narcotics and Law Enforcement (INL), to build partner-country political and law enforcement support and partnerships for international investigations to counter cyber-enabled criminal activity impacting the United States. We value working with these federal partners toward the same goal, and when we use all these agencies’ complementary authorities together, we create a whole that’s greater than the sum of the agency parts.

This emphasis on sharing information and enabling our partners is part of the FBI’s continued move away from pursuing only indictments and arrests and towards a playbook where we work with government and industry partners around the world to execute joint, sequenced operations. That is how we impose the greatest possible costs on our adversaries and best protect our country. The willingness of the Department of Justice, including [the] FBI, to publicly attribute and expose damaging cyber intrusions by Russia, China, Iran, and North Korea has undermined those governments’ denials and created a platform for U.S. allies to condemn destabilizing cyber activity and impose costs of their own. Our decisions on how best to disrupt a cyber threat are guided by an assessment of which actions will most strengthen cybersecurity, regardless of who takes the shot or gets the credit.

In coordination with our partners, the FBI has successfully disrupted numerous nation-state campaigns and cybercriminal enterprises. Continued success will require repeated operations with our U.S. counterparts and foreign allies, and we must eliminate the sense of impunity many of these actors currently feel. Yes, the cyber threat is daunting, but when we combine the right people, the right tools, and the right authorities, we best protect our critical infrastructure.

Threat Overview

The USIC has assessed that China is attempting to preposition on U.S. critical infrastructure—setting up back doors to cripple vital assets and systems in the event China invades Taiwan and, therefore, limiting our ability to assist Taiwan.

We have observed the CCP target multiple critical infrastructure entities, attacks which could potentially jeopardize the physical safety of Americans. To give just one example, the FBI has identified PRC-backed hackers who gained access to the computer networks of a major U.S. transportation hub. In this case, the FBI quickly alerted the network operators to the particular portion of their network that had been compromised and assisted with fixing the vulnerabilities.

We are no longer in the Advanced Persistent Threat 1, or “APT1”, days of the PRC’s cyber program. In 2013, Mandiant, an American cybersecurity firm, publicly attributed APT1 activities to the People’s Liberation Army (PLA). Their pivotal report disclosed the bespoke malware commonly deployed by the PLA, which could easily be discovered by anti-virus/anti-malware programs. Today, we see PRC state-sponsored cyber actors, such as Volt Typhoon, “living off the land.” This technique uses legitimate network administration tools to perform malicious objectives, allows them to evade detection by blending in with normal operating system and network activities, avoid endpoint detection and response (EDR) products that would alert on the introduction of third-party applications to the host, and limit the amount of activity that is captured in default logging configurations.

The FBI’s Efforts to Counter PRC Cyber Actors

Together with our partners, we have released multiple Joint Cybersecurity Advisories on PRC state-sponsored cyber actors. These advisories provide details on PRC tactics, techniques, and procedures (TTPs) that can be used by network defenders to both find and prevent malicious cyber actors from accessing their networks. Increasingly, the scale and tradecraft of PRC cyber operations must be met with combined resources of the government and partners in the cybersecurity industry and others with broad insight into malicious activity on the internet.

Additionally, we work with our partners, such as CISA and other sector risk management agencies, to notify victims of cyber intrusions. These efforts include providing information to victim organizations to help respond to the intrusion, working with their IT [information technology] team to collect evidence, coordinating with attorneys, and conducing analysis to inform future responses. This evidence informs the public advisories that we release and other efforts to combat the threat.

Section 702 of the FISA Amendments Act of 2008

Section 702 of the FISA Amendments Act of 2008 is paramount to our ability to combat PRC state-sponsored cyber actors. In the last half of 2023, 97% of the FBI’s raw technical reporting on malicious cyber actors, and 93% of our reporting on emerging technologies, such as artificial intelligence, came from Section 702 collections. On average over the past 10 years, malicious foreign cyber actors have accounted for more than half of our Section 702 targets. The FBI’s Cyber Division uses this intelligence to conduct strategic disruption activities against those malicious cyber actors. Thanks to the foreign intelligence we receive from Section 702, the FBI’s Cyber Division is able to work with the FBI’s USIC partners and warn victims when cybercriminals are prepositioning for attacks—so, before the attack begins—and help the potential victims close identified backdoors and remove the opportunity for malicious actors to exploit their systems.

Section 702 has been pivotal for the FBI to detect and thwart PRC-backed cyber threat actors attempting to access U.S. critical infrastructure. The FBI has seen China-based cyber threat actors access a variety of critical infrastructure in the United States. Section 702 allows us to detect these cyber threat actors by monitoring them as they traverse the internet and determining when they access networks within the United States. Using queries for the identifiers of potential victims—namely American businesses and organizations—we can identify whether the cyber threat actors are merely researching a victim for possible future attacks or if they have already successfully compromised systems. This critical tool directly protects Americans and American businesses.

Investing in a More Capable Cyber Response

The PRC represents the defining threat of this era. There is no country that presents a broader, more comprehensive threat to our ideas, our innovation, our economic security, and, ultimately, our national security. Now is not the time to reduce the FBI’s resources or capabilities. The PRC uses every means at its disposal to impact our economic security—blending cyber capabilities, human intelligence, corporate transactions, and other means of attacking and exploiting U.S. companies to advance its own economic growth, national power, and military capability.

The FBI faces significant resource challenges to address the scale and sophistication of national security and criminal cyber threats targeting the United States. Although there are many resource gaps, the FBI is appreciative of the President’s Fiscal Year 2024 Budget Request, which would expand our ability to pursue cyber threats through investments that support efforts to build investigative capabilities at FBI field offices nationwide. The Fiscal Year 2024 Budget Request includes an additional $63 million for more agents, enhanced response capabilities, and strengthened intelligence collection and analysis capabilities. These investments reflect the National Cybersecurity Strategy’s emphasis on a whole-of-nation approach to addressing the ongoing cyber threat.

Reductions to the FBI’s budget would adversely impact the FBI’s computer intrusion program, undermining its ability to continue to aggressively and successfully thwart countless PRC threats to our economic and national security before they can do significant harm. Even if the FBI focused all of its cyber agents and intelligence analysts on the PRC threat, PRC-backed cyber threat actors would still outnumber FBI Cyber personnel at least 50 to 1, and they are attempting multiple cyber operations each day in domestic internet space, where only the FBI has the authorities to monitor and disrupt.

Conclusion

The strength of any organization is its people, and that is especially true in the FBI. The threats we face as a nation have never been greater or more diverse, and the expectations placed on the FBI have never been higher. Our fellow citizens look to the FBI to protect the United States from those threats, and, every day, the men and women of the FBI continue to meet and exceed those expectations. I want to thank them for their dedicated service.

Chairman Gallagher, Ranking Member Krishnamoorthi, and members of the committee, thank you for the opportunity to testify today. I am happy to answer any questions you might have and to work together with you in the nation’s fight against malicious cyber activity so the FBI can help achieve our collective cyber mission—to give the American people safety, security, and confidence in our digitally connected world.

Director Wray’s Opening Statement to the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party

Source: Federal Bureau of Investigation FBI Crime News

China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities. If or when China decides the time has come to strike, they’re not focused solely on political or military targets. We can see from where they position themselves, across civilian infrastructure, that low blows aren’t just a possibility in the event of a conflict. Low blows against civilians are part of China’s plan.

But the PRC’s cyber onslaught goes way beyond prepositioning for future conflict. Today, and literally every day, they’re actively attacking our economic security—engaging in wholesale theft of our innovation and our personal and corporate data. 

Nor is cyber the only PRC threat we face. The PRC cyber threat is made vastly more dangerous by the way they knit cyber into a whole-of-government campaign against us. They recruit human sources to target our businesses, using insiders to steal the same kinds of innovation and data their hackers are targeting while also engaging in corporate deception—hiding Beijing’s hand in transactions, joint ventures, and investments—to do the same.

And they don’t just hit our security and economy. They target our freedoms, reaching inside our borders, across America, to silence, coerce, and threaten our citizens and residents.

The FBI’s Response

But I can assure you the FBI is laser-focused on the threat posed by Beijing. We have cyber, counterintelligence, criminal, and weapons of mass destruction experts—just to name a few—defending against it.

And we’re working in partnership with the private sector, our allies abroad, and all levels of the U.S. government—especially the NSA [National Security Agency], Cyber Command, and CISA [the Cybersecurity and Infrastructure Security Agency], as well as ONCD [the Office of the National Cyber Director], whose leaders I’m honored to be here with today.

In fact, just this morning we announced an operation where we and our partners identified hundreds of routers that had been taken over by the PRC state-sponsored hacking group known as Volt Typhoon. The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, and water sectors. Steps China was taking, in other words, to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous. And let’s be clear: Cyber threats to our critical infrastructure represent real-world threats to our physical safety.

So working with our partners, the FBI ran a court-authorized, on-network operation to shut down Volt Typhoon and the access it enabled. This operation was an important step. But there’s a lot more to do, and we need your help to do it.

Let me quantify what we’re up against: The PRC has a bigger hacking program than every other major nation combined. In fact, if each one of the FBI’s cyber agents and intelligence analysts focused exclusively on the China threat, China’s hackers would still outnumber FBI cyber personnel by at least 50 to 1. 

So as we sit here while important budget discussions are underway, I’ll note that this is a time to be keeping ahead of the threat by investing in our capabilities rather than cutting them. We need to ensure that we sustain and build on the gains we’ve made that have enabled us to take actions like the Volt Typhoon operation I just mentioned.

The budgets that emerge from the discussions underway now will dictate what resources we’ll have ready in 2027—a year that, as this committee knows all too well, the CCP has circled on its calendar. And that year will be on us before you know it. As I’ve described, the PRC is already, today, putting their pieces in place.

Conclusion

I do not want those watching today to think we can’t protect ourselves. But I do want the American people to know that we cannot afford to sleep on this danger. As a government and a society, we’ve got to remain vigilant and actively defend against the threat Beijing poses. Otherwise, China has shown it will make us pay.

Thank you, and I look forward to today’s discussion.

Chinese Hackers Have Entire Nation in Their Crosshairs, FBI Director Warns

Source: Federal Bureau of Investigation FBI Crime News

Chinese government hacking efforts now target the entire American populace, and the escalating urgency of the overall threat that China poses to U.S. national security requires more investment in the FBI’s capabilities, FBI Director Wray warned lawmakers during a January 31 appearance before the House Select Committee on the Chinese Communist Party. 

“I do not want those watching today to think we can’t protect ourselves,” he told legislators. “But I do want the American people to know that we cannot afford to sleep on this danger.” 

China’s quest to steal American intellectual property to gain an economic and militaristic edge over the United States—through nefarious cyber means and traditional espionage, alike—hasn’t let up. But the scope of its malicious cyber activities has expanded to target our nation’s critical infrastructure, Wray told lawmakers during the hearing, which looked to gauge the risks that CCP cyber efforts poses to U.S. national security. 

“There has been far too little public focus on the fact that PRC [People’s Republic of China] hackers are targeting our critical infrastructure—our water treatment plants, our electrical grid, our oil and natural gas pipelines, our transportation systems,” Wray told the committee during his opening remarks. “And the risk that poses to every American requires our attention now.” 

China’s state-sponsored hackers are posturing themselves to be able to take down these vital resources at a moment’s notice. That way, if conflict breaks out between the U.S. and China, they can cripple those resources and do direct harm to U.S. citizens, Wray explained. “Low blows against civilians are part of China’s plan,” he said. 

And, Wray stressed, this threat isn’t theoretical. On January 31, the Bureau announced that it had worked with partners to identify Wi-Fi routers that had been infected with malware originating from a Chinese government-sponsored hacking group. 

“The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, and water sectors—steps China was taking, in other words, to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous,” Wray said. “So working with our partners, the FBI ran a court-authorized, on-network operation to shut down Volt Typhoon and the access it enabled.” 

This disruption was significant, but it’s not the end of the story when it comes to countering malicious cyber efforts by the Chinese government.  

The FBI is leveraging its expertise in the areas of cybersecurity, criminal investigation, and weapons of mass destruction, as well as private and public sector partnerships and relationships with international allies to tackle this multifaceted threat, he said. And investment is central to sustaining our battle rhythm against this threat. 

The President’s Fiscal Year 2024 Budget Request would help the FBI bolster its 56 field offices’ ability to investigate cyber threats, Wray’s written testimony to the committee stated

“The Fiscal Year 2024 Budget Request includes an additional $63 million for more agents, enhanced response capabilities, and strengthened intelligence collection and analysis capabilities,” he wrote. “These investments reflect the National Cybersecurity Strategy’s emphasis on a whole-of-nation approach to addressing the ongoing cyber threat.” 
Cuts to the Bureau’s budget would hinder the FBI computer intrusion program’s ability to combat CCP threats to U.S. economic and national security “before they can do significant harm,” the written testimony noted. 

“The budgets that emerge from the discussions underway now will dictate what kind of resources we have ready in 2027—a year that, as this committee knows all too well, the CCP has circled on its calendar,” Wray told the committee. 

Wray testified beside witnesses from across the U.S. government’s highest levels of cyber leadership at the hearing about CCP threats to American cybersecurity. Fellow panelists included National Security Agency Director Gen. Paul M. Nakasone (who appeared in his capacity as commander of U.S. Cyber Command); Cybersecurity and Infrastructure Security Agency Director Jen Easterly; and Harry Coker, Jr., who leads the Office of the National Cyber Director. 

“The Select Committee on the Chinese Communist Party is committed to working on a bipartisan basis to build consensus on the threat posed by the Chinese Communist Party and develop a plan of action to defend the American people, our economy, and our values,” the committee’s website states. 

You can read Director Wray’s full written testimony here, and you can read his opening remarks, as prepared, here

Director Wray’s Remarks to the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party

Source: Federal Bureau of Investigation FBI Crime News

China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities. If or when China decides the time has come to strike, they’re not focused solely on political or military targets. We can see from where they position themselves, across civilian infrastructure, that low blows aren’t just a possibility in the event of a conflict. Low blows against civilians are part of China’s plan.

But the PRC’s cyber onslaught goes way beyond prepositioning for future conflict. Today, and literally every day, they’re actively attacking our economic security—engaging in wholesale theft of our innovation and our personal and corporate data. 

Nor is cyber the only PRC threat we face. The PRC cyber threat is made vastly more dangerous by the way they knit cyber into a whole-of-government campaign against us. They recruit human sources to target our businesses, using insiders to steal the same kinds of innovation and data their hackers are targeting while also engaging in corporate deception—hiding Beijing’s hand in transactions, joint ventures, and investments—to do the same.

And they don’t just hit our security and economy. They target our freedoms, reaching inside our borders, across America, to silence, coerce, and threaten our citizens and residents.

The FBI’s Response

But I can assure you the FBI is laser-focused on the threat posed by Beijing. We have cyber, counterintelligence, criminal, and weapons of mass destruction experts—just to name a few—defending against it.

And we’re working in partnership with the private sector, our allies abroad, and all levels of the U.S. government—especially the NSA [National Security Agency], Cyber Command, and CISA [the Cybersecurity and Infrastructure Security Agency], as well as ONCD [the Office of the National Cyber Director], whose leaders I’m honored to be here with today.

In fact, just this morning we announced an operation where we and our partners identified hundreds of routers that had been taken over by the PRC state-sponsored hacking group known as Volt Typhoon. The Volt Typhoon malware enabled China to hide, among other things, pre-operational reconnaissance and network exploitation against critical infrastructure like our communications, energy, transportation, and water sectors. Steps China was taking, in other words, to find and prepare to destroy or degrade the civilian critical infrastructure that keeps us safe and prosperous. And let’s be clear: Cyber threats to our critical infrastructure represent real-world threats to our physical safety.

So working with our partners, the FBI ran a court-authorized, on-network operation to shut down Volt Typhoon and the access it enabled. This operation was an important step. But there’s a lot more to do, and we need your help to do it.

Let me quantify what we’re up against: The PRC has a bigger hacking program than every other major nation combined. In fact, if each one of the FBI’s cyber agents and intelligence analysts focused exclusively on the China threat, China’s hackers would still outnumber FBI cyber personnel by at least 50 to 1. 

So as we sit here while important budget discussions are underway, I’ll note that this is a time to be keeping ahead of the threat by investing in our capabilities rather than cutting them. We need to ensure that we sustain and build on the gains we’ve made that have enabled us to take actions like the Volt Typhoon operation I just mentioned.

The budgets that emerge from the discussions underway now will dictate what resources we’ll have ready in 2027—a year that, as this committee knows all too well, the CCP has circled on its calendar. And that year will be on us before you know it. As I’ve described, the PRC is already, today, putting their pieces in place.

Conclusion

I do not want those watching today to think we can’t protect ourselves. But I do want the American people to know that we cannot afford to sleep on this danger. As a government and a society, we’ve got to remain vigilant and actively defend against the threat Beijing poses. Otherwise, China has shown it will make us pay.

Thank you, and I look forward to today’s discussion.

FBI, NSA Leaders Talk Election Security, Power of Collaboration at Fordham ICCS

Source: Federal Bureau of Investigation FBI Crime News

FBI Director Christopher Wray on January 9 said the Bureau is well-postured to defend against foreign interference heading into the 2024 election cycle, despite the growing number of foreign actors and nation-states seeking to disrupt our democratic process.

“Americans can and should have confidence in our election system,” Wray said during a fireside chat with U.S. Army Gen. Paul M. Nakasone—the dual-hatted director of the National Security Agency and commander of U.S. Cyber Command—that was moderated by National Public Radio journalist Mary Louise Kelly.  The FBI hasn’t witnessed any foreign interference effort that has jeopardized “the integrity of the vote count itself in any material way,” he added.

The conversation was part of the 2024 Fordham International Conference on Cybersecurity, co-hosted by the FBI and Fordham University at the school’s Lincoln Center campus in New York City.

Protecting Elections

Information warfare and election interference aren’t new, Wray told the audience of public and private sector cyber experts, international partners, academics, and students.

But the uptick in the number of nation-states and overseas players who want to interfere with U.S. elections or otherwise exert foreign influence on American affairs—and the growing array of tools they can use to meddle in our democratic process—are, he said.

“The threats are more challenging, but the defense is better,” Wray said. “Everybody’s raising their game.”

The FBI Director called Russia “a regular player in this space,” and said that the country’s full-scale invasion of Ukraine hasn’t deterred it from trying to tamper with American politics. On the contrary, Wray noted, one could argue that American policy on Ukraine hits so deep a nerve that the Russian government is trying to simultaneously advance its agenda there and brainstorm ways to influence or interfere with business here at home.

“If anything, for them, the stars align in terms of those two efforts,” he said. “And so we have to be even more effective in countering it.”

But he said Russia isn’t the only nation-state seeking to sway American politics, noting that other countries—including Iran and China—are also active in this arena. “They’re all pursuing slightly different agendas and using slightly different techniques, but we’re watching all of it,” Wray explained.

The good news is that partnerships are allowing the Bureau and the government, more widely, to rise to the challenge of protecting U.S. elections from foreign interference. Wray said collaboration between the Bureau and its fellow U.S. government agencies, the federal government’s relationship with state election officials, and public-private partnerships, in general, have all become “exponentially more sophisticated and effective” with each new election cycle.

Partnerships also help the American populace become more resistant to foreign adversary efforts to use chaos as a tool for disruption. Wray also noted that it’s imperative that Americans be eagle-eyed amid misinformation efforts by foreign governments and the rise of emerging technologies like artificial intelligence.

“I think that’s a responsibility that every American has as an informed citizen and, ultimately, voter,” he said.

Russian National Pleads Guilty to Attempting to Provide Material Support to a Foreign Terrorist Organization

Source: Federal Bureau of Investigation FBI Crime News

Murat Kurashev, 36, of Sacramento, California, pleaded guilty to a single-count indictment charging him with attempting to provide material support to a designated foreign terrorist organization.

According to court documents, Kurashev attempted to provide financial support to Hayat Tahrir al-Sham (HTS). HTS was designated as a foreign terrorist organization by the Secretary of State and engages in terrorism in Syria. Between July 2020 and February 2021, Kurashev used money transfer services to send approximately $13,000 to two known couriers of an HTS fundraiser. Records obtained from the money transfer services documented multiple transactions from Kurashev to the couriers in Turkey usually in increments of $1,000. The couriers retrieved the funds often within 24 hours of transfer. Surveillance footage from money transfer businesses captured Kurashev in the midst of some of the transactions.

Law enforcement’s review of social media and encrypted mobile messaging discussions between Kurashev and the fundraiser, demonstrated that they believed that providing money in support of the HTS’s fighters was tantamount to being engaged in violent jihad. During these conversations with the fundraiser, Kurashev mentioned that he wished he could join the fight in Syria as a mujahideen and regretted that he could only provide financial support. These conversations make clear that Kurashev was fully aware of the fundraiser’s violent extremist ideology and participation and work on behalf of HTS.

Additional evidence seized by the FBI revealed that Kurashev followed the fundraiser’s online presence and various social media accounts. Some of fundraiser’s social media accounts that were viewed by Kurashev included solicitations for money to purchase military equipment, boots, clothing, firearms, and, in one case, a motorcycle. FBI forensic analysis of Kurashev’s Apple iCloud account revealed it to be replete with violent extremist content, including a video depicting HTS fighters. It appears that Kurashev watched this video while driving his work van along Interstate 80.      

Kurashev faces a maximum penalty of 20 years in prison and up to a $250,000 fine. Sentencing is set for March 18. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.

Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division, Executive Assistant Director Larissa L. Knapp of the FBI’s National Security Branch, and U.S. Attorney Phillip A. Talbert made the announcement.

The FBI is investigating the case.

Assistant U.S. Attorney Heiko P. Coppola for the Eastern District of California and Trial Attorney Dmitriy Slavin of the National Security Division’s Counterterrorism Section are prosecuting the case.

Year in Review 2023

Source: Federal Bureau of Investigation FBI Crime News

Violent Crime 

The FBI’s top priorities are national security threats, but the Bureau plays a key role in combating violent crime in big cities and local communities across the United States. The threats vary widely, from bank robberies and art crime to human trafficking, gang violence, crimes against children, and drug trafficking.  
 
The Bureau’s Criminal Division this year accounted for more than 18,000 arrests and almost 10,000 indictments in violent criminal cases. The myriad FBI units targeting suspected criminals disrupted more than 2,500 operations and dismantled another 314. They located 2,401 children in the 12-month period that ended in September and were involved in more than 12,000 drug seizures. “To truly appreciate the impact the FBI and our partners are having,” Director Wray has said, “you’ve got to look at the cases.” 

Here’s a look at just a few significant cases and accomplishments: 

  • Operation Ghost Busted: 76 individuals were charged with involvement in a drug trafficking operation that distributed large amounts of high-grade methamphetamine, along with fentanyl, heroin, and alprazolam (Xanax) in the greater Glynn County area of Georgia. Details
  • Operation SpecTor: This coordinated operation spanning nine countries and dozens of law enforcement agencies across the U.S., Europe, and South America targeted darknet drug markets. Efforts resulted in seizures of more than $50 million in cash and virtual currency, 1,875 pounds of potentially lethal pills and other drugs, and 288 arrests. Details

  • Operation Cross Country: The FBI, working with partners, identified and located 200 victims of sex trafficking during a two-week nationwide enforcement campaign in July. The operation also led to identification or arrest of 126 suspects of child sexual exploitation and human trafficking offenses and 68 suspects of trafficking were identified or arrested. Also located were 59 minor victims of child sex trafficking and child sexual exploitation offenses and 59 actively missing children. Details

  • January 6: In what the Department of Justice has called the FBI’s largest ever investigation, the Bureau continues to seek the public’s assistance in in identifying individuals who made unlawful entry into the U.S. Capitol on January 6, 2021. In the 34 months since the attack on the Capitol, more than 1,200 individuals have been charged in nearly all 50 states for crimes related to the breach of the U.S. Capitol, including more than 400 individuals charged with assaulting or impeding law enforcement. Details 
  • Transnational Organized Crime: The FBI is focused on the cartels trafficking narcotics across the border. The FBI has 328 pending investigations linked to cartel leadership; 78 of those are along the southern border.

Multiple field offices conducted operations this year targeting gangs or criminal networks. In July, for example, an FBI-led joint operation targeting violent criminals in Tucson, Arizona, resulted in 88 arrests. A month earlier, in Erie, Pennsylvania, an FBI-led Safe Streets task force targeted a local drug gang. Also last summer, an FBI-led operation in Dallas seized more than 540 grams of cocaine, more than 1,100 grams of methamphetamine, and more than seven grams of fentanyl, along with nine firearms and over $10,000 in cash.

Director Wray’s Opening Statement to the Senate Judiciary Committee

Source: Federal Bureau of Investigation FBI Crime News

As prepared for delivery

Good morning, Chairman Durbin, Ranking Member Graham, and members of the committee. I’m proud to be here today representing the FBI.

The threats the Bureau’s 38,000 men and women tackle every day are more complex and evolving more quickly than ever before, and we continue to work relentlessly to stay ahead of the threats and outpace our adversaries.

For example, last year, we disrupted over 40% more cyber operations and arrested over 60% more cybercriminals than the year before.

Over the past two years, we’ve seized enough fentanyl to kill 270 million people. That’s more than 80% of all Americans.

We’re also focused on other threats that emanate from the border and impact communities all over the country—things like violent gangs and human traffickers.

At the same time, given the steady drumbeat of calls for attacks by foreign terrorist organizations since October 7, we’re working around the clock to identify and disrupt potential attacks by those inspired by Hamas’s horrific terrorist attacks in Israel.

And, in recent years, we’ve seen an increase in hate crimes investigations, including a particularly big chunk involving threats to the Jewish community. That’s a troubling trend we were focused on before October 7 that’s only gotten worse in the months since.

I could go on and on about the important work the FBI’s dedicated professionals are doing across the entire spectrum of threats, each and every day, to protect their fellow Americans.

But in my remaining time, I want to emphasize the importance of one tool, in particular, that’s indispensable to our efforts to combat threats posed by foreign adversaries—one that will expire in just a few short weeks if Congress does not act—and that’s the FBI’s FISA Section 702 authorities.

As this committee knows, 702 allows us to stay a step ahead of foreign actors located outside the United States who pose a threat to national security, and the expiration of our 702 authorities would be devastating to the FBI’s ability to protect Americans from those threats.

Let me tell you what I mean by that.

When an overseas cybercriminal breaches a transportation hub, a public utility, or even a children’s hospital, 702 is often the tool we use to find victims and get them what they need to get their systems back up and running. And, just as important, it helps us identify the next target so they can defend themselves against an attack.

In just one recent cyber case, for instance, 702 allowed the FBI to alert more than 300 victims in every state and countries around the world. And I should add that many of those crucial victim notifications were made possible by our ability to conduct U.S.-person queries of our existing 702 collection.

When it comes to foreign adversaries like Iran, whose actions across a whole host of threats have grown more brazen—seeking to assassinate high-level officials, kidnap dissidents, and conduct cyberattacks here in the United States—or the People’s Republic of China, which poses a generational threat to our economic and national security, stripping the FBI of its 702 authorities would be a form of unilateral disarmament. 

Or, take the elevated threat of international terrorism. 702 is key to our ability to detect a foreign terrorist organization overseas directing an operative here to carry out an attack in our own backyard, and U.S.-person queries, in particular, may provide the critical link that allows us to identify the intended target or build out the network of attackers so we can stop them before they strike and kill Americans.

Given the critical importance of 702, we’re committed to being good stewards of our authorities. To that end, I’ve ordered a whole host of changes to address unacceptable compliance incidents—reforms many members of this committee have now seen with their own eyes in live demonstrations of our systems at FBI Headquarters. We’ve improved our systems, enhanced training, added oversight and approval requirements, and adopted new accountability measures. On top of that, we stood up a brand-new Office of Internal Auditing that’s been focused specifically on FISA compliance.

Most of the declassified reports that’ve come out over the past year or so involve compliance errors that predate those reforms, and I’ve been encouraged by the more recent data showing the significant, positive impact the changes have had. The most recently declassified opinion from the Foreign Intelligence Surveillance Court, for instance, shows a 98% compliance rate, and observes that the reforms are “having the desired effect.” And the two most recent Department of Justice semiannual reports, likewise, now show a greater-than-98% compliance rate.

We’re proud of the progress we’ve made, but we’re by no means done. This is an ongoing effort, and we’re determined to work with Congress to get it right.

But, as we enter this critical phase of the renewal process, it’s imperative that we not undercut the effectiveness of this essential tool with a warrant requirement or some other restriction that would paralyze us and our ability to tackle fast-moving threats like the ones I just described.  Because crucial to our ability to use this information to protect Americans is our ability to review it promptly and efficiently.

And, to be clear, no court has ever held that a warrant is required for the FBI to query 702 data already lawfully in our holdings. In fact, every court that’s considered 702 in its current form—the FISA Court, the FISA Court of Review, and three courts of appeals—has found 702 to be constitutional. So, restricting the FBI’s ability to collect under 702 or to review what’s already in our collection would be a legislative policy choice.

And if that’s the path that’s chosen, what are we going to say to the family whose loved one’s care was sabotaged when a hospital was taken offline by a foreign adversary and the FBI wasn’t able to stop the cyberattack? 

What’s the justification for not using every lawful tool to stop China from stealing our technology and undermining our freedoms? Because I can assure you the PRC [People’s Republic of China] is not holding back or tying its own hands behind its back.

And what if there were a terrorist attack that we had a shot to prevent, but couldn’t take it, because the FBI was deprived of the ability under 702 to look at key information already sitting in our holdings?  

I was in FBI Headquarters on 9/11—22 years ago—and, over the years, I’ve spoken with families of victims of that horrific attack.

Before that attack, well-intentioned policymakers had made the choice to build a wall preventing access to national security information sitting in our and our partners’ holdings. Allowing 702 to lapse or amending it in a way that undermines its effectiveness would be akin to laying bricks to rebuild another, pre-9/11-style wall.

What could anyone possibly say to victims’ families if there was another attack that we could have prevented if we hadn’t given away the ability to effectively use a tool that courts have consistently deemed constitutional? 

Because let’s not fool ourselves: That’s what’s at stake with the reauthorization of 702.

As the threats from foreign adversaries to our homeland continue to evolve, the agility and effectiveness of 702 will be essential to the FBI’s ability—and, really, our mandate from the American people—to keep them safe for years to come.

And we owe it to them to make sure we’ve got the tools we need to do that.

Thank you for having me, and I look forward to your questions.

Deputy Director’s Remarks at New Mexico Safe School Summit

Source: Federal Bureau of Investigation FBI Crime News

Thank you, Raul, and good morning, everyone. It is an honor to be here for the inaugural Safe School Summit. The purpose for which we’re gathered today carries tremendous importance and I hope this will be the first of many because finding ways to keep young people, and educators, and team members safe in the learning environment is among the highest priorities for our nation. At the FBI believe that if we all work together seamlessly – everyone – we can continue to advance safety and security in schools. Especially if we all continue to show up the way we have done today – so thank you all for being here.  

I also want to thank Lt. Gov Howie Morales and the State of New Mexico for partnering with us and hosting this important event, As well as to all of the incredible law enforcement partners, school administrators, educators, and staff, and the students for taking the time to be here. bring great meaning and hope to our collective efforts  and will add significantly to the progress toward making schools safer—both here and across the country. We are looking forward to many experts here this week sharing their perspectives on the threat environment facing us and their thoughts about how we can continue to work together to address them. As we begin, I’d first, I would like to briefly go into some background of how this summit came to fruition.

Last year, an FBI special agent named Bryce Oleski responded to an imminent threat of violence. A person from another state had attempted to recruit a student here in New Mexico, and together they were devising a plan to shoot people inside a school. Special Agent Oleski worked quickly to include partners to help in address this potential threat. He brought in a Customs and Border Patrol officer assigned to one of our task forces, along with officers from the New Mexico State Police, and together they engaged the local student, who was taken into custody by police.  
The individual was immediately remanded for mandatory psychological evaluation, placed on GPS monitoring, and charged criminally by the state. Thanks to a court order under the New Mexico red flag law, the individual will not be able to obtain a firearm in the future. This amounted to another instance where reporting followed by quick action by law enforcement and other partners including mental health professionals successfully prevented a potentially deadly act of violence, and stopped a person with means and motive from carrying out a plan to harm innocent people.

Our collective goal and our mission together and continues to be prevention, to get ahead of incidents like these by urgently involving the right people in order to help mitigate and prevent harm within our communities.

The longer version is something everyone in this room knows. No situation involving a young person who is planning to commit violence is ever simple, and it is rarely, if ever, completely resolved.  

There are many factors that complicate violent incidents committed by under-aged persons. For example, far too many of the incidents of school violence we’ve has seen involve minors who have adopted violent extremist ideologies. Minors and underage persons are actually a target demographic for violent extremist rhetoric, propaganda, and recruitment via social media, gaming, and other online platforms, and extremist messages appear to appeal to some young people because they seem to offer, though misguided, explanations for, and solutions to personal problems. They offer a sense of identity and belonging, and erroneous justification for violence, and increasingly, minors who are influenced in these ways often seem to seek out those things within a mix of violent ideologies, taking bits and pieces from different extremist groups, which results in what has become known as blended drivers to violence.  

Often, there are other problems that contribute to worsening the situation. That was the real-life case, as another example, with a 14-year-old student, living in a major city, who is part of an ongoing investigation. This individual faced significant mental health challenges when he started consuming violent content online, and before long, his interests had run the gamut of violent extremism. He became obsessed with the Columbine shooters, he appeared to be inspired by the foreign terrorist organization ISIS, and he was fascinated with neoNazism.  

Fortunately, in this case, at the same time he was seeing a mental health provider, and the provider became concerned when the young person started talking about harming other people—and himself. He expressed a desire to gain notoriety by killing as many people as possible. Hearing this, the mental health provider sounded the alarm and started a process that would help prevent the individual from carrying out an attack—more on that aspect in a moment.  An important lesson we’ve learned is that these situations, where young people are radicalized toward violence, are complex and difficult to resolve through law enforcement action alone. That is partly because it’s often difficult to bring criminal charges against minors, particularly at the federal level.  

So, if a would-be offender starts planning an attack—perhaps stockpiling firearms and ammunition and publishing threats online—federal agencies’ hands are often tied from an enforcement perspective.  

Of course, being closely partnered and aligned with our colleagues in state and local law enforcement, sharing intelligence and providing investigative resources to stop those who intend to commit violence, and it is a two-way street, because without our partnerships we would not be as effective.  For instance, crisis intervention teams at the state and local level have time and again proven to be critical partners in mitigating threats to schools, and we are truly grateful here locally to the teams from the Albuquerque Police, Department, Bernalillo County Sheriff’s Office, and New Mexico State Police for their outstanding work. But even our collaborative efforts can be met with obstacles.  

Sometimes, a lesser charge at the state or local level means that a minor returns home back into community very quickly.  

That may be good news for someone—especially a younger kid—who receives help and resources, truly leaves behind their violent intentions, and is ready to rejoin society. But it can have terrible consequences if that does not happen, and the individual continues to harbor violent thoughts and plans to act on them. Sometimes, a subject’s psychological state, even when combined with statements or behaviors, does not meet the standards to bring criminal charges. So, the all-important questions becomes, how do we stop these acts when traditional law enforcement actions and arrests are not a sufficient means of mitigating a threat of violence?  

It is clear we are not going to arrest our way out of the problem. It is clear we are not going to arrest our way out of the problem.  Not to mention—arresting young people is never anyone’s preferred first line of mitigation. We need to take steps toward being more innovative in our approach.  

That is why we are here today. Working together to continuously build and develop better strategies and bring more resources to bear in a coordinated/synchronized way is essential to preventing not only mass casualty incidents, but also other types of violence and crime hat impact youth and society, to include sextortion, human trafficking, and too many other very real threats. The challenges we face in our schools and among youth who have been swept up in this today require a whole community approach.  

From our perspective, that means sharing FBI resources and leveraging each components skill and expertise, forming collaborative teams to mitigate threats. It means relying on partners like our law enforcement task force officers, some of whom are here today — because you are the experts on your state and local jurisdictions and law and already have established relationships with community members.  

It means reaching out to dedicated community leaders who best understand the issues and the causes, and get the needs of those they serve.  
It means working with professionals from different disciplines within mental health and social services because their expertise can help bring better understanding of individuals at risk and bring dedicated support and pathways to help them get better.  And it means connecting law enforcement resources as appropriate with school administrators, faculty, staff, and students to work to prevent violence before it occurs.  

The case mentioned earlier featured this kind of multidisciplinary collaboration, in that case, the mental health provider saw red flags and alerted the FBI, The FBI notified local law enforcement partners who joined the investigative effort, and with the proper consent, the treatment team kept open lines of communication with those officers.  That team approach prevented this individual from potentially inflicting immense and tragic harm on the community. In an ideal world, every at-risk youth would be seen and receive the same individualized care and attention and through a well-coordinated multidisciplinary response.  
 
That is what we’re seeking to help accomplish by working with the people and institutions that anchor communities, and by gathering here today.  
But in addition to these partnership and team-building efforts, it’s important to know that in the sad and unfortunate instances where tragedy does occur, the FBI will be there to help, support, and assist in every way possible. If a critical incident happens, the FBI will work around the clock to assist in whatever way we can.   Our goal is always to help bring support and contribute toward resolutions.  

In the first instance, the objective is to make the situation safe. That requires quick law enforcement action and often tactical assistance. Initially, the focus must be on safeguarding the scene and protecting citizens from additional violence? Next, there is the investigative aspect, we work in support to help ascertain the facts to determine what exactly happened.  We are looking to determine what motivated the perpetrator, was it a terrorist attack driven by some sort of ideology, a hate crime targeting people because of some aspect of a protected characteristic or some other type of incident.  The answer to that question determines whether there is a federal nexus.  

Even if there is no federal nexus, we are still there to help our law enforcement partners, and throughout that entire process, we are on the ground, offering whatever resources we can, these include:

  • Agents and other personnel to  
  • Help conduct interviews and other investigative actions
  • Evidence collection through our evidence response teams
  • Analysis of digital evidence, cell phones, videos, and other sources…  
  • Laboratory and forensic assistance, if needed, for any type of physical evidence
  • And victim services to help survivors cope with loss and trauma.  
  • We also have bomb technicians, highly trained crisis response teams, negotiators, the Hostage Rescue Team, and behavioral analysts available to support.  

With all that, the number one goal remains always preventing violence from happening in the first place.  To that end, we are working to understand active shooter incidents by tracking them and fully examining the perpetrators and the circumstances under which they happened.  

Earlier this year we released a report on Active Shooter incidents in the U.S. in 2022. Last year sadly saw 50 incidents, not far from the 61 in 2021—the most recorded for any year covered by these studies. To be clear, this report, by definition, looks only at incidents in which one or more individuals are actively engaged in killing or attempting to kill people in a populated area. Shootings stemming from narcotics transactions, retaliatory violence, or violence related to ongoing criminal behavior are not included in the report. Still, even within that narrow  
scope, the trends are alarming, with nearly 313 people killed last year—up nearly 30% from 2021.  

Our experts are also researching the specific circumstances surrounding acts of violence of this type. Our Behavioral Analysis Unit, which you will hear from later today, offers threat assessments and looks at individual incidents to identify common characteristics and understand the drivers of violence. By conducting this rigorous analysis and assessment we hope to be able to share lessons and further awareness to help communities recognize what might be considered warning signs of an impending violent incident. But we are not just studying the threat, we have also developed several trainings, with partner needs in mind.

We have provided Advanced Law Enforcement Rapid Response training—that’s “ALERRT”—to more than 147,000 law enforcement first responders, teaching the same response protocols that have been adopted for all of our special agent tactical instructors. And for civilian participants we have the Active Shooter Attack Prevention and Preparedness, or “ASAPP” course. ASAPP is based on the widely adopted “Run, Hide, Fight” model and empowers people to survive—and help others survive—in an active shooter situation. This year alone, we have provided ASAPP training to more than 2,000 of our partners at schools, houses of worship, businesses, government agencies, hospitals, and other entities. And people are finding the training so valuable from a potentially life-saving standpoint that some of our field offices are working at an incredible pace to keep up with demand.  

So if you know of someone who is interested in setting up a training in their community, please advise them to contact the local FBI field office and we will work to schedule. SAC Bujanda and his team are here with us today for that purpose. The goal of course is to put people in the best position to protect themselves and to keep others safe.   

I would like to conclude with a final thought, in order to stop violence and other forms of harm before they occur, we must be relentless in our effort and drive, we must be thoughtful, innovative, and oriented toward urgent action. And we must be absolutely and fully committed to each other and to working together collaboratively to achieve our shared objectives of safety and support for everyone. Everyone here has seen the senseless devastation communities, families, and people face in the tragic aftermath of a mass-casualty incident.  
 
But it brings great hope that we are here in this room, united in our common goal to make schools safer and to keep people safe from harm. It has been a privilege to join you this morning and have an opportunity to engage. I hope that everyone takes away valuable lessons and gets the most from the summit and I’m looking forward to participating on the student panel that follows.  
 
Stay well, be safe, and God bless.

Worldwide Threats to the Homeland

Source: Federal Bureau of Investigation FBI Crime News

Statement for the Record

Good morning, Chairman Green, Ranking Member Thompson, and members of the committee. Today, I am honored to be here, representing the people of the Federal Bureau of Investigation (“FBI”), who tackle some of the most complex and most grave threats we face every day with perseverance, professionalism, and integrity—sometimes at the greatest of costs. I am extremely proud of their service and commitment to the FBI’s mission and to ensuring the safety and security of communities throughout our nation. On their behalf, I would like to express my appreciation for the support you have given them in the past and ask for your continued support in the future.

Despite the many challenges our FBI workforce has faced, I am immensely proud of their dedication to protecting the American people and upholding the Constitution. Our country continues to face challenges, yet, through it all, the women and men of the FBI stand at the ready to tackle those challenges. The list of diverse threats we face underscores the complexity and breadth of the FBI’s mission: to protect the American people and to uphold the Constitution of the United States. I am prepared to discuss with you what the FBI is doing to address these threats and what the FBI is doing to ensure our people adhere to the highest of standards while it conducts its mission.

Key Threats and Challenges

Our nation continues to face a multitude of serious and evolving threats ranging from homegrown violent extremists (“HVEs”) to hostile foreign intelligence services and operatives, from sophisticated cyber-based attacks to internet-facilitated sexual exploitation of children, from violent gangs and criminal organizations to public corruption and corporate fraud. Keeping pace with these threats is a significant challenge for the FBI. As an organization, we must be able to stay current with constantly evolving technologies. Our adversaries take advantage of modern technology, including the internet and social media, to facilitate illegal activities, recruit followers, encourage terrorist attacks and other illicit actions, and disperse information on building improvised explosive devices and other means to attack the United States. The breadth of these threats and challenges are as complex as any time in our history. And the consequences of not responding to and countering threats and challenges have never been greater.

The FBI is establishing strong capabilities and capacities to assess threats, share intelligence, and leverage key technologies. We are hiring some of the best to serve as special agents, intelligence analysts, and professional staff. We have built, and are continuously enhancing, a workforce that possesses the skills and knowledge to deal with the complex threats and challenges we face today and tomorrow. We are building a leadership team that views change and transformation as a positive tool for keeping the FBI focused on the key threats facing our nation.

Today’s FBI is a national security and law enforcement organization that uses, collects, and shares intelligence in everything we do. Each FBI employee understands that, to defeat the key threats facing our nation, we must constantly strive to be more efficient and more effective. Just as our adversaries continue to evolve, so, too, must the FBI. We live in a time of persistent terrorist, nation-state, and criminal threats to our national security, our economy, and indeed our communities.

National Security

Terrorism Threats

As we saw earlier last month with the devastating attack in Israel, terrorist actors are still very intent on using violence and brutality to spread their ideologies. Protecting the American people from terrorism remains the FBI’s number one priority. The threat from terrorism is as persistent and complex as ever. We are in an environment where the threats from international terrorism, domestic terrorism, and state-sponsored terrorism are all simultaneously elevated.

The greatest terrorism threat to our homeland is posed by lone actors or small cells of individuals who typically radicalize to violence online, and who primarily use easily accessible weapons to attack soft targets. We see the lone offender threat with both domestic violent extremists (“DVEs”) and HVEs [homegrown violent extremists], two distinct threats, both of which are located primarily in the United States and typically radicalize and mobilize to violence on their own. DVEs are individuals based and operating primarily within the United States or its territories without direction or inspiration from a foreign terrorist group or other foreign power who seek to further political or social goals through unlawful acts of force or violence. In comparison, HVEs are individuals of any citizenship who have lived and/or operated primarily in the United States or its territories, who advocate, are engaged in, or are preparing to engage in ideologically motivated terrorist activities in furtherance of political or social objectives promoted by a foreign terrorist organization but are acting independently of direction by a foreign terrorist organization (“FTO”).

Domestic and homegrown violent extremists are often motivated and inspired by a mix of social or political, ideological, and personal grievances against their targets, and more recently have focused on accessible targets to include civilians, law enforcement and the military, symbols or members of the U.S. government, houses of worship, retail locations, and mass public gatherings. Lone actors present a particular challenge to law enforcement and intelligence agencies. These actors are difficult to identify, investigate, and disrupt before they take violent action, especially because of the insular nature of their radicalization and mobilization to violence and limited discussions with others regarding their plans.

The top domestic terrorism threat we face continues to be from DVEs we categorize as racially or ethnically motivated violent extremists (“RMVEs”) and anti-government or anti- authority violent extremists (“AGAAVEs”). The number of FBI domestic terrorism investigations has more than doubled since the spring of 2020. As of September 2023, the FBI was conducting approximately 2,700 investigations within the domestic terrorism program. As of September 2023, the FBI was also conducting approximately 4,000 investigations within its international terrorism program.

The FBI uses all tools available at its disposal to combat domestic terrorism. These efforts represent a critical part of the National Strategy for Countering Domestic Terrorism, which was released in June 2021. The strategy sets forth a comprehensive, whole-of-government approach to address the many facets of the domestic terrorism threat.

The FBI assesses HVEs as the greatest, most immediate international terrorism threat to the homeland. HVEs are people located and radicalized to violence primarily in the United States, who are not receiving individualized direction from FTOs but are inspired by FTOs, including the self-proclaimed Islamic State of Iraq and ash-Sham (“ISIS”) and al-Qaida and their affiliates, to commit violence. An HVE’s lack of a direct connection with an FTO, ability to rapidly mobilize without detection, and use of encrypted communications pose significant challenges to our ability to proactively identify and disrupt potential violent attacks.

While we work to assist our Israeli colleagues and understand the global implications of the ongoing conflict in Israel, we are paying heightened attention to how the events abroad could directly affect and inspire people to commit violence here in the Homeland. Terrorist organizations worldwide, as well as individuals attracted to violence, have praised Hamas’ horrific attack on Israeli civilians. We have seen violent extremists across ideologies seeking to target Jewish and Muslim people and institutions through physical assaults, bomb threats, and online calls for mass casualty attacks. Our top concern stems from lone offenders inspired by—or reacting to—the ongoing Israel-Hamas conflict, as they pose the most likely threat to Americans, especially Jewish, Muslim, and Arab-American communities in the United States. We have seen an increase in reported threats to Jewish and Muslim people, institutions, and houses of worship here in the United States and are moving quickly to mitigate them.

As of right now, we have no information to indicate that Hamas has the intent or capability to conduct operations inside the US, though we cannot, and do not, discount that possibility, but we are especially concerned about the possibility of Hamas supporters engaging in violence on the group’s behalf. As always, we are concerned with any foreign terrorist organization who may exploit the attacks in Israel as a tool to mobilize their followers around the world. In recent years, there have been several events and incidents in the United States that were purportedly motivated, at least in part, by the conflict between Israel and Hamas. These have included the targeting of individuals, houses of worship, and institutions associated with the Jewish and Muslim faiths with acts of physical assault, vandalism, or harassment. Anti-Semitism and anti-Islamic sentiment permeate many violent extremist ideologies and serves as a primary driver for attacks by a diverse set of violent extremists who pose a persistent threat to Jewish and Muslim communities and institutions in the United States and abroad. Foreign terrorist organizations have exploited previous conflicts between Israel and Hamas via media outlets and online communications to call on their supporters located in the United States to conduct attacks. Some violent extremists have used times of heightened tensions to incite violence against religious minorities, targeting both Jewish and Muslim Americans.

The FBI remains concerned about the Taliban takeover of Afghanistan and that the intent of FTOs, such as ISIS and al-Qaida and their affiliates, is to carry out or inspire large-scale attacks in the United States.

Despite its loss of physical territory in Iraq and Syria, ISIS remains relentless in its campaign of violence against the United States and our partners—both here at home and overseas. ISIS and its supporters continue to aggressively promote its hate-fueled rhetoric and attract like-minded violent extremists with a willingness to conduct attacks against the United States and our interests abroad. ISIS’ successful use of social media and messaging applications to attract individuals is of continued concern to us. Like other foreign terrorist groups, ISIS advocates for lone offender attacks in the United States and Western countries via videos and other English language propaganda that have specifically advocated for attacks against civilians, the military, law enforcement and intelligence community personnel.

Al-Qaida also maintains its desire to conduct and to inspire large-scale attacks. Because continued pressure has degraded some of the group’s senior leadership, we assess that, in the near term, al-Qaida is more likely to continue to focus on cultivating its international affiliates and supporting small-scale, readily achievable attacks in regions such as East and West Africa. Nevertheless, propaganda from al-Qaida leaders continues to seek individuals inspired to conduct their own attacks in the United States and other Western nations.

Iran and its global proxies and partners, including Iraqi Shia militant groups, attack and plot against the United States and our allies throughout the Middle East. Iran’s Islamic Revolutionary Guard Corps-Qods Force (“IRGC-QF”) has too provided support to militant resistance groups and terrorist organizations. And Iran has supported Lebanese Hizballah and other terrorist groups. Hizballah has sent operatives to build terrorist infrastructures worldwide. The arrests of individuals in the United States allegedly linked to Hizballah’s main overseas terrorist arm, and their intelligence-collection and -procurement efforts, demonstrate Hizballah’s interest in long-term contingency planning activities here in the Homeland. Hizballah Secretary-General Hassan Nasrallah also has threatened retaliation for the death of IRGC-QF Commander Qassem Soleimani. This willingness to seek retaliation against the United States was reflected in charges the Department brought in 2022 against a member of the IRGC, working on behalf of the Qods Force, who was plotting to murder a former national security advisor.

While the terrorism threat continues to evolve, the FBI’s resolve to counter that threat remains constant. We continually adapt and rely heavily on the strength of our federal, state, local, tribal, territorial, and international partnerships to combat all terrorist threats to the United States and our interests. To that end, we use all available lawful investigative techniques and methods to combat these threats while continuing to collect, analyze, and share intelligence concerning the threats posed by violent extremists who desire to harm Americans and U.S. interests. We will continue to share information and encourage the sharing of information among our numerous partners via our Joint Terrorism Task Forces across the country, and our legal attaché offices around the world.

In addition to fighting terrorism, countering the proliferation of weapons-of-mass-destruction materials, technologies, and expertise, preventing their use by any actor, and securing nuclear and radioactive materials of concern are also top national security priority missions for the FBI. The FBI considers preventing, mitigating, investigating, and responding to weapons of mass destruction (“WMD”) terrorism a “no-fail” mission because a WMD attack could result in substantial injuries, illness, or loss of lives, while yielding significant social, economic, political, and other national security consequences. In collaboration with federal, state, local, tribal, territorial, and other partners, the FBI integrates complementary efforts to counter WMD terrorism. An example of this collaboration is the FBI-led Weapons of Mass Destruction Strategic Group. This interagency crisis action team spans more than 15 departments and agencies to coordinate the federal government’s response to WMD threats and incidents. Alongside the FBI, the Department of Homeland Security maintains the largest footprint on the strategic group.

Cyber

Cybercriminal syndicates and nation-states continue to innovate, using unique techniques to compromise our networks and maximize the reach and impact of their operations. Those techniques include selling malware as a service or targeting vendors to access scores of victims by hacking just one provider.

These criminals and nation-states believe that they can compromise our networks, steal our property, extort us, and hold our critical infrastructure at risk without incurring any risk themselves. In the last few years, we have seen the People’s Republic of China (“PRC”), the Democratic People’s Republic of Korea (“DPRK”), and Russia use cyber operations to target U.S. research. We have seen the PRC working to obtain controlled dual-use technology, while developing an arsenal of advanced cyber capabilities that could be used against other countries in the event of a real-world conflict. And we have seen the disruptive impact a serious supply-chain compromise can have through the SolarWinds-related intrusions, conducted by the Russian Foreign Intelligence Service. As these adversaries become more sophisticated, we are increasingly concerned about our ability to detect specific cyber operations against U.S. organizations. One of the most worrisome facets is their focus on compromising U.S. critical infrastructure, especially during a crisis.

Making things more difficult, there is often no bright line that separates where nation-state activity ends and cybercriminal activity begins. Some cybercriminals contract or sell services to nation-states; some nation-state actors moonlight as cybercriminals to fund personal activities; and nation-states are increasingly using tools typically used by criminal actors, such as ransomware.

So, as dangerous as nation-states are, we do not have the luxury of focusing on them alone. In the past year, we also have seen cybercriminals target hospitals, medical centers, educational institutions, and other critical infrastructure for theft or ransomware, causing massive disruption to our daily lives. Incidents affecting medical centers have led to the interruption of computer networks and systems that put patients’ lives at an increased risk.

We have also seen the rise of an ecosystem of services dedicated to supporting cybercrime in exchange for cryptocurrency. Criminals now have new tools to engage in destructive behavior—for example, deploying ransomware to paralyze entire hospitals, police departments, and businesses—as well as new means to better conceal their tracks. It is not that individual malicious cyber actors have necessarily become much more sophisticated, but that they can now more easily rent sophisticated capabilities.

We must make it harder and more painful for malicious cyber actors and criminals to carry on their malicious activities. Using its role as the lead federal agency for threat response, the FBI works seamlessly with domestic and international partners to defend their networks, attribute malicious activity, sanction bad behavior, and take the fight to our adversaries overseas. We must impose consequences on cyber adversaries, and use our collective law enforcement and intelligence capabilities to do so through joint and enabled operations sequenced for maximum impact. And we must continue to work with the Department of State and other key agencies to ensure that our foreign partners are able and willing to cooperate in our efforts to disrupt perpetrators of cybercrime.

An example of this approach is the coordinated international operation announced in April 2023 against Genesis Market, a criminal online marketplace offering access to data stolen from over 1.5 million compromised computers around the world containing over 80 million account access credentials. Genesis Market was also a prolific initial access broker in the cybercrime world, providing criminals a user-friendly database to search for stolen credentials and more easily infiltrate victims’ computers and accounts. As part of this operation, law enforcement seized 11 domain names used to support Genesis Market’s infrastructure pursuant to a warrant authorized by the U.S. District Court for the Eastern District of Wisconsin. A total of 22 international agencies and 44 FBI field offices worked with the FBI Milwaukee Field Office investigating the case. And on April 5, the U.S. Department of the Treasury announced sanctions against Genesis Market.

In total, along with our colleagues at the Department of Justice (“DOJ”), we took over 1,000 actions against cyber adversaries in 2022, including arrests, criminal charges, convictions, dismantlements, and disruptions. We enabled many more actions through our dedicated partnerships with the private sector, with foreign partners, and with federal, state, and local entities. We also provided thousands of individualized threat warnings and disseminated 70 public threat advisories by way of Joint Cybersecurity Advisories, FBI Liaison Alert System (“FLASH”) reports, Private Industry Notifications (“PINs”), and Public Service Announcements (“PSAs”)—many of which were jointly authored with other U.S. agencies and international partners.

Along with our partners in the interagency, the FBI has devoted significant energy and resources to partnerships with the private sector. We are working hard to push important threat information to network defenders, but we have also been making it as easy as possible for the private sector to share important information with us. For example, we are emphasizing to the private sector how we keep our presence unobtrusive in the wake of an incident, as well as how we protect identities and other information that the private sector shares with us. We are still committed to providing useful feedback and improving coordination with our government partners so that we are speaking with one voice. But, we need the private sector to do its part, too. We need the private sector to come forward to warn us and our partners when they see malicious cyber activity. We also need the private sector to work with us when we warn them that they are being targeted. Significant cyber incidents—SolarWinds, Cyclops Blink, the Colonial pipeline incident—only emphasize what we have been saying for a long time: the government cannot protect against cyber threats on its own. We need a whole-of-society approach that matches the scope of the danger. There is no other option for defending a country where nearly all of our critical infrastructure, personal data, intellectual property, and network infrastructure sits in private hands.

In summary, the FBI is engaged in myriad efforts to combat cyber threats, from improving threat identification and information-sharing inside and outside of the government to developing and retaining new talent, to examining the way we operate to disrupt and defeat these threats. We take all potential threats to public and private sector systems seriously, and will continue to investigate and hold accountable those who pose a threat in cyberspace.

Foreign Intelligence Threats

Top Threats

Nations such as the PRC, Russia, and Iran are becoming more aggressive and more capable than ever before. These nations seek to undermine our core democratic, economic, and scientific institutions, and they employ a growing range of tactics. Defending American institutions and values against these threats is a national security imperative and a priority for the FBI.

With that, the greatest long-term threat to our nation’s ideas, innovation, and economic security is the foreign intelligence and economic espionage threat from the PRC. By extension, it is also a threat to our national security. The PRC government aspires to reshape the international rules-based system to its benefit. Often, with little regard for international norms and laws.

When it comes to economic espionage, the PRC uses every means at its disposal, blending cyber, human intelligence, diplomacy, corporate transactions, and other pressure on U.S. companies operating in the PRC, to steal our companies’ innovations. These efforts are consistent with the PRC government’s expressed goals to become an international power, modernize its military, and create innovation-driven economic growth.

To pursue this goal, the PRC uses human intelligence officers, co-optees, and corrupt corporate insiders, as well as sophisticated cyber intrusions, pressure on U.S. companies in China, shell-game corporate transactions, and joint-venture “partnerships” that are anything but a true partnership. There is nothing traditional about the scale of their theft. It is unprecedented. American workers and companies are facing a greater, more complex danger than they have dealt with before. Stolen innovation means stolen jobs, stolen opportunities for American workers, and stolen national power.

National Counterintelligence Task Force (“NCITF”)

As the lead U.S. counterintelligence agency, the FBI is responsible for detecting and lawfully countering the actions of foreign intelligence services and organizations as they seek to adversely affect U.S. national interests. Recognizing the need to coordinate similar efforts across agencies, the FBI established the NCITF in 2019 to create a whole-of-government approach to counterintelligence. The FBI established this national-level task force in the National Capital Region to coordinate, facilitate, and focus these multi-agency counterintelligence operations, and to programmatically support local Counterintelligence Task Force (“CITF”) operations. Combining the authorities and operational capabilities of the U.S. Intelligence Community, non-Title-50 departments and agencies, law enforcement agencies around the country, and local CITFs in each FBI field office, the NCITF coordinates and leads whole-of-government efforts to defeat hostile intelligence activities targeting the United States.

The Department of Defense (“DOD”) has been a key partner in the NCITF since its founding. While the FBI has had long-term collaborative relationships with DOD entities such as the Air Force Office of Special Investigations, Naval Criminal Investigative Service, and Army Counterintelligence, the NCITF has allowed us to enhance our collaboration for greater impact. We plan to emphasize this whole-of-government approach as a powerful formula to mitigate the modern counterintelligence threat.

Transnational Repression and Other Counterintelligence Threats

In recent years, we have seen a rise in efforts by authoritarian regimes to interfere with freedom of expression and punish dissidents abroad. These acts of repression cross national borders, often reaching into the United States. Governments such as the PRC, the Russian Federation, and the Government of Iran stalk, intimidate, and harass ex-patriots or dissidents who speak against the regime from the United States.

Transnational repression can occur in different forms, including assaults and attempted kidnapping. Governments use transnational repression tactics to silence the voices of their citizens, U.S. residents, or others living abroad who are critical of their regimes. This sort of repressive behavior is antithetical to our values. People from all over the world are drawn to the United States by the promise of living in a free and open society that adheres to the rule of law. To ensure that this promise remains a reality, we must continue to use all of our tools to block authoritarian regimes that seek to extend their tactics of repression beyond their shores.

In addition, our nation is confronting multifaceted foreign threats seeking both to influence our national policies and public opinion and to harm our national dialogue and debate. The FBI and our interagency partners remain focused on foreign malign influence operations, including subversive, undeclared, coercive, and criminal actions used by foreign governments in their attempts to sway U.S. citizens’ preferences and perspectives, shift U.S. policies, increase discord in the United States, and undermine the American people’s confidence in our democratic institutions and processes.

Foreign malign influence is not a new problem, but the interconnectedness of the modern world, combined with the anonymity of the internet, have changed the nature of the threat. The FBI is the lead federal agency responsible for investigating foreign malign influence threats. Several years ago, we established the Foreign Influence Task Force (“FITF”) to identify and counteract foreign malign influence operations targeting the United States. The FITF is led by our Counterintelligence Division, and comprises agents, analysts, and professional staff from the Counterintelligence, Cyber, Counterterrorism, and Criminal Investigative divisions. It is specifically charged with identifying and combating foreign malign influence operations targeting democratic institutions inside the United States.

The domestic counterintelligence environment is more complex than ever. We face a persistent and pervasive national security threat from foreign adversaries, particularly the governments of China and Russia, and Iran, who conduct sophisticated intelligence operations using coercion, subversion, malign influence, cyber and economic espionage, traditional spying, and non-traditional human intelligence collection. Together, they pose a continuous threat to U.S. national security and our economy by targeting strategic technologies, industries, sectors, and critical infrastructure. Historically, these asymmetric national security threats involved foreign intelligence service officers seeking U.S. government and U.S. Intelligence Community information. Now, however, the FBI has observed foreign adversaries employing a wide range of nontraditional collection techniques, including the use of human collectors not affiliated with intelligence services, foreign investment in critical U.S. sectors, and infiltration of U.S. supply chains. The FBI continues to adjust our counterintelligence priorities to address this evolution.

Criminal Threats

The United States faces many criminal threats, including financial and health care fraud, transnational and regional organized criminal enterprises, crimes against children and human trafficking, violent threats against election personnel, and public corruption. Criminal organizations—domestic and international—and individual criminal activity represent a significant threat to security and safety in communities across the nation.

Violent Crime

Violent crimes and gang activities exact a high toll on individuals and communities. Many of today’s gangs are sophisticated and well-organized. They use violence to control neighborhoods and boost their illegal money-making activities, which include robbery, human trafficking, drug and gun trafficking, fraud, extortion, and prostitution rings. These gangs do not limit their illegal activities to single jurisdictions or communities. The FBI is vital to this fight in big cities and small towns throughout the nation because we are able to cross jurisdictions and investigate wherever the evidence leads.

Every day, FBI special agents partner with federal, state, local, territorial, and tribal officers and deputies on joint task forces and on individual investigations. FBI joint task forces—Violent Crime Safe Streets, Violent Gang Safe Streets, and Safe Trails—focus on identifying and targeting major groups operating as criminal enterprises. Much of the FBI criminal intelligence is derived from our state, local, territorial, and tribal law enforcement partners, who know their communities inside and out. Joint task forces benefit from FBI surveillance assets, and our sources track these gangs to identify emerging trends. Through these multi-subject and multi-jurisdictional investigations, the FBI concentrates its efforts on high-level groups engaged in criminal conspiracies and patterns of racketeering. This investigative model enables us to target senior gang leadership and develop enterprise-based prosecutions.

By way of example, the FBI has dedicated tremendous resources to combat the threat of violence posed by MS-13. The atypical nature of this gang has required a multi-pronged approach. We work through our task forces here in the United States, while simultaneously gathering intelligence and aiding our international law enforcement partners. We do this through the FBI’s Transnational Anti-Gang Task Forces. Established in El Salvador in 2007 through the FBI’s National Gang Task Force, Legal Attaché San Salvador, and the United States Department of State, each Anti-Gang Task Force is responsible for the investigation of, primarily, MS-13 operations in the northern triangle of Central America and the United States. This program combines the expertise, resources, and jurisdiction of participating agencies to investigate and counter transnational criminal gang activity in Central America and the United States. There are now Transnational Anti-Gang Task Forces in El Salvador, Guatemala, and Honduras. Through these combined efforts, the FBI has achieved substantial success in countering the MS-13 threat across Central America and the United States.

Transnational Organized Crime (“TOC”)

More than a decade ago, organized crime was characterized by hierarchical organizations, or families, that exerted influence over criminal activities in neighborhoods, cities, or states. But organized crime has changed dramatically. Today, international criminal enterprises run multinational, multibillion-dollar schemes from start to finish. Modern-day criminal enterprises are flat, fluid networks with global reach. While still engaged in many of the “traditional” organized crime activities of loan-sharking, extortion, and murder, modern criminal enterprises are also involved in trafficking counterfeit prescription drugs containing fentanyl, targeting stock market fraud and manipulation, cyber-facilitated bank fraud and embezzlement, illicit drug trafficking, identity theft, human trafficking, money laundering, alien smuggling, public corruption, weapons trafficking, kidnapping, and other illegal activities.

TOC networks exploit legitimate institutions for critical financial and business services that enable the storage or transfer of illicit proceeds. Preventing and combating transnational organized crime demands a concentrated effort by the FBI and federal, state, local, tribal, territorial, and international partners.

As part of our efforts to combat the TOC threat, the FBI is focused on the cartels trafficking narcotics across our border. The FBI has 328 pending investigations linked to cartel leadership, and 78 of those investigations are along the southern border. Additionally, the FBI actively participates in 17 Organized Crime Drug Enforcement Task Forces (“OCDETF”) across the United States, investigating major drug trafficking, money laundering, and other high-priority transnational organized crime networks. On top of that, we are pursuing health care fraud investigations against medical professionals and pill mills through our prescription drug initiative, investigating the gangs and criminal groups responsible for distributing substances like fentanyl through our Safe Streets Task Forces, and disrupting and dismantling darknet marketplaces that facilitate the sale of counterfeit prescription opioids and other illicit drugs through our Joint Criminal Opioid Darknet Enforcement team.

While the FBI continues to share intelligence about criminal groups with our partners and combines resources and expertise to gain a full understanding of each group, the threat of transnational crime remains a significant and growing threat to national and international security with implications for public safety, public health, democratic institutions, and economic stability across the globe. TOC groups increasingly exploit jurisdictional boundaries to conduct their criminal activities overseas. Furthermore, they are diversifying their use of the darknet and emerging technologies to engage in illegal activity, such as trafficking illicit drugs and contraband across international borders and into the United States.

Crimes Against Children and Human Trafficking

Every year, thousands of children become victims of crimes, whether it is through kidnappings, violent attacks, sexual abuse, human trafficking, or online predators. The FBI is uniquely positioned to provide a rapid, proactive, and comprehensive response. We help identify, locate, and recover child victims. Our strong relationships with federal, state, local, territorial, tribal, and international law enforcement partners also help to identify, prioritize, investigate, and deter individuals and criminal networks from exploiting children.

But the FBI’s ability to learn about and investigate child sexual exploitation is being threatened by the proliferation of sites on the darknet. For example, currently, there are at least 30 child sexual abuse material sites operating openly and notoriously on the darknet. Some of these exploitative sites are exclusively dedicated to the sexual abuse of infants and toddlers. The sites often expand rapidly, with one site obtaining as many as 200,000 new members within its first few weeks of operation.

Another growing area of concern involving the sexual exploitation of children is the explosion in incidents of children and teens being coerced into sending explicit images online and extorted for money. Known as financial sextortion, in 2022, law enforcement received over 13,000 reports of this type of crime, resulting in at least 12,600 victims here and abroad, and more than 20 suicides. A large percentage of these sextortion schemes originate outside the United States, primarily in West African countries such as Nigeria and Ivory Coast. The FBI continues to collaborate with other law enforcement partners and the National Center for Missing and Exploited Children to mitigate this criminal activity and provide the public with informational alerts and victim resources regarding these crimes.

The FBI has several programs in place to arrest child predators and to recover missing and endangered children. To this end, the FBI funds or participates in a variety of endeavors, including our Innocence Lost National Initiative, Innocent Images National Initiative, Operation Cross Country, Child Abduction Rapid Deployment Team, Victim Services, over 80 Child Exploitation and Human Trafficking Task Forces, over 74 International Violent Crimes Against Children Task Force officers, as well as numerous community outreach programs to educate parents and children about safety measures they can follow. Through improved communications, the FBI is able to collaborate with partners throughout the world quickly, playing an integral role in crime prevention.

The Child Abduction Rapid Deployment Team is a rapid-response team with experienced investigators strategically located across the country to quickly respond to child abductions. Investigators provide a full array of investigative and technical resources during the most critical time following the abduction of a child, such as the collection and analysis of DNA, impression, and trace evidence, the processing of digital forensic evidence, and interviewing expertise.

The FBI also focuses efforts to stop human trafficking of both children and adults. The FBI works collaboratively with law enforcement partners to disrupt all forms of human trafficking through Human Trafficking Task Forces nationwide. One way the FBI combats this pernicious crime problem is through investigations such as Operation Cross Country. Over a two-week period in 2023, the FBI, along with other federal, state, local, and tribal partners, executed approximately 350 operations to recover survivors of human trafficking and disrupt traffickers. These operations identified and located 59 minor victims of child sex trafficking, child sexual exploitation, or related state offenses and located 59 actively missing children. Furthermore, the FBI and its partners located 141 adults who were identified as potential victims of sexual exploitation, human trafficking, or related state offenses. In addition to identifying and recovering missing children and potential victims, the law enforcement activity conducted during Operation Cross Country led to the identification or arrest of 126 suspects implicated in potential child sexual exploitation, human trafficking, or related state or federal offenses.

Although many victims of human trafficking recovered by the FBI are adult U.S. citizens, the FBI and its partners recognize that foreign nationals, children, and other vulnerable populations are disproportionately harmed by both sex and labor trafficking. We take a victim-centered, trauma-informed approach to investigating these cases and strive to ensure the needs of victims are fully addressed at all stages. To accomplish this, the FBI works in conjunction with other law enforcement agencies and victim specialists on the federal, state, local, and tribal levels, as well as with a variety of vetted non-governmental organizations. Even after the arrest and conviction of human traffickers, the FBI often continues to work with partner agencies and organizations to assist victims and survivors in moving beyond their exploitation.

Reauthorization of Section 702 of the Foreign Intelligence Surveillance Act

Before closing, I would be remiss if I did not underscore an urgent legislative matter directly relevant to our discussion today. As the committee knows, at the end of December, Section 702 and other provisions of the Foreign Intelligence Surveillance Act (FISA) will expire unless renewed.

Loss of this vital provision, or its reauthorization in a narrowed form, would raise profound risks. For the FBI in particular, either outcome could mean substantially impairing, or in some cases entirely eliminating, our ability to find and disrupt many of the most serious security threats I described earlier in my statement.

I am especially concerned about one frequently discussed proposal, which would require the government to obtain a warrant or court order from a judge before personnel could conduct a “U.S. person query” of information previously obtained through use of Section 702. A warrant requirement would amount to a de facto ban, because query applications either would not meet the legal standard to win court approval; or because, when the standard could be met, it would be so only after the expenditure of scarce resources, the submission and review of a lengthy legal filing, and the passage of significant time—which, in the world of rapidly evolving threats, the government often does not have. That would be a significant blow to the FBI, which relies on this longstanding, lawful capability afforded by Section 702 to rapidly uncover previously hidden threats and connections, and to take swift steps to protect the homeland when needed.

To be sure, no one more deeply shares members’ concerns regarding past FBI compliance violations related to FISA, including the rules for querying Section 702 collection using U.S. person identifiers, than I do. These violations never should have happened and preventing recurrence is a matter of utmost priority. The FBI took these episodes seriously and responded rigorously, already yielding significant results in dramatically reducing the number of “U.S. person queries” by the FBI of the Section 702 database and in substantially improving its compliance rate. Moreover, as we publicly announced in June, the FBI is implementing further measures both to keep improving our compliance and to hold our personnel accountable for misuse of Section 702 and other FISA provisions, including through an escalating scheme for employee accountability, including discipline and culminating in possible dismissal.

Together with other leaders of the Intelligence Community and the Department of Justice, I remain committed to working with this committee and others in Congress, on potential reforms to Section 702 that would not diminish its critical intelligence value. There are many options for meaningfully enhancing privacy, oversight, and accountability, while fully preserving Section 702’s efficacy. Doing that will be critical to fulfilling the FBI’s continuing mission of identifying and stopping national security threats within the U.S. homeland.

Conclusion

The strength of any organization is its people. The threats we face as a nation have never been greater or more diverse, and the expectations placed on the FBI have never been higher. Our fellow citizens look to the FBI to protect the United States from those threats, and, every day, the men and women of the FBI continue to meet and exceed those expectations. I want to thank them for their dedicated service.

Chairman Green, Ranking Member Thompson, and members of the committee, thank you for the opportunity to testify today. I am happy to answer your questions.