The December changes to Rule 41 gave the FBI authority to push their cyber-boundaries even further. It granted legal grounds to hack computers that would, before the change, be untouchable, so to speak. In reality, the FBI received nothing new. Agents acted far outside their legal restraints and, in a literal sense, their geophysical ones too during the PlayPen case. However, in a recent speech by Leslie Caldwell, the Assistant Attorney General of the Criminal Division at the Department of Justice, she revealed that more changes were underway—this time on an international level.
Caldwell spoke of the changes at the recent Center for Strategic and International Studies at the CSIS Headquarters on December 8. She described the upcoming changes to be similar to those made in Rule 41. The Department of Justice saw a growing need to increase cyberdefense. Instead of hunting down cybercriminals after the attack occurs, the legislation flips the tables, she explained.
She said, “there are other laws that we look to fix and to change and to update. As I have said, most of these proposed fixes are very technical and very narrow, and they are designed just like the Rule 41 change to address very specific issues that we have encountered.”
The announcement came one week before the massive takedown of Avalanche and Caldwell continually made use of the bust. She explained that a single country lacked the ability to take down a group like Avalanche. And she spoke the truth—the takedown was a massive, global operation by multiple agencies—Avalanche operated internationally. She saw no reason to limit US authorities from receiving help, in precisely outlined cases, from global partners. (The FBI already does this.)
She mentioned that law enforcement began establishing some partnerships with foreign authorities:
We have significantly increased our international cooperation with international law enforcement partners all around the world, including in countries that just two years ago we had no relationship with. As cybercrime proliferates so too does our relations with countries around the world. We have got to continue to build those international relationships and grow them and improve them because they are going to be more and more critical every single day. We have seen a growth in global, very sophisticated cyberthreats. Moreover, there are some very significant loopholes regarding our legal authorities, many of which have not kept pace with changes in technology. Source: Transcript from her speech at the CSIS cybercrime event.
Caldwell told the attendees that since she assumed office, officials noted a major increase in “warrant-proof encryption.” She explained that the US law enforcement’s current ability to access to data stored offshore was inefficient, to say the least. Those who kept up with the US vs. Gary Davis (aka Libertas from the Silk Road) may remember the battle between Microsoft and the FBI—and the FBI lost.
She made a brief mention of the darknet. Throughout her segment of the event, she spoke of the darknet from the favorite cybercrime aspect. Caldwell explained ransomware that hijacked computers and charged steep fees—in conjunction with the darknet and Avalanche. She said that “we have developed our capabilities to disrupt criminal networks both here and overseas … working hand in hand with international partners to address a technical threat like botnets, bulletproof hosts, darknet markets and international hacking forums.”
The takeaway, she summarized, was that the government sought the authority needed to takedown advanced cybercriminals. And to the skeptical, she said, “most of these proposed fixes are very technical and very narrow, and they are designed just like the Rule 41 change to address very specific issues that we have encountered. (CSIS).”