Washington, D.C. – Good morning, Chairman Durbin, Ranking Member Grassley, and members of the committee. I am honored to be here, representing the men and women of the Federal Bureau of Investigation (FBI).
Our people—nearly 37,000 of them—are the heart of the Bureau. I am proud of their service and their commitment to our mission. Every day, they tackle their jobs with perseverance, professionalism, and integrity—sometimes at the greatest of costs.
Just last month, two of our agents made the ultimate sacrifice in the line of duty. Special Agents Dan Alfin and Laura Schwartzenberger left home to carry out the mission they signed up for—to keep the American people safe.
They were executing a federal court-ordered search warrant in a violent crimes against children investigation in Sunrise, Florida, when they were shot and killed.
Three other agents were also wounded that day. We’ll be forever grateful for their commitment and their dedication, for their last full measure of devotion to the people they served and defended. We will always honor their sacrifice.
Despite the many challenges our FBI workforce has faced, I am immensely proud of their dedication to protecting the American people and upholding the Constitution. Our country has faced unimaginable challenges this past year.
Yet, through it all, whether it was coming to the aid of our partners during the Capitol siege and committing all of our resources to ensure that those involved in that brutal assault on our democracy are brought to justice, the proliferation of terroristic hate moving at the speed of social media, abhorrent hate crimes, COVID-19 Coronavirus related fraud and misinformation, the increasing threat of cyber intrusions and state-sponsored economic espionage, malign foreign influence and interference, the scourge of opioid trafficking and abuse, or human trafficking and crimes against children, the women and men of the FBI have unwaveringly stood at the ready and taken it upon themselves to tackle any and all challenges thrown their way.
The list of diverse threats we face underscores the complexity and breadth of the FBI’s mission: to protect the American people and uphold the Constitution of the United States. I am pleased to have received your invitation to appear today and am looking forward to engaging in a thorough, robust, and frank discussion regarding some of the most critical matters facing our organization and the nation as a whole.
First and foremost, I want to assure you, your staff, and the American people that the FBI has deployed every single tool at our disposal and our full arsenal of investigative resources to aggressively pursue those involved in the heinous violence and criminal activity that occurred on January 6th, 2021.
We are working closely with our federal, state, and local law enforcement partners, as well as private sector partners, to identify those responsible for the violence and destruction of property at the U.S. Capitol building who showed blatant and appalling disregard for our institutions of government and the orderly administration of the democratic process.
Our agents, analysts, and professional staff have been working non-stop with federal prosecutors to gather and preserve evidence, share intelligence, and identify and bring charges against those who participated in the siege of the U.S. Capitol. As we have said consistently, we do not and will not tolerate violent extremists who use the guise of First Amendment-protected activity to wreak havoc and incite violence.
Thus far, our investigators have identified hundreds of individuals involved in the siege of the Capitol Complex and already charged well over 300 of them. Many of those identifications are the result of the over 200,000 digital media tips we have received from the public. Members of the public who have any information related to the siege should continue to provide tips, information, and videos of illegal activity at tips.fbi.gov or by calling 1.800.CALL.FBI.
Overall, the FBI assesses that the January 6th siege of the Capitol Complex demonstrates a willingness by some to use violence against the government in furtherance of their political and social goals. This ideologically motivated violence underscores the symbolic nature of the National Capital Region and the willingness of domestic violent extremists to travel to events in this area and violently engage law enforcement and their perceived adversaries.
The American people should rest assured that we will continue to work to hold accountable those individuals who participated in the violent breach of the Capitol on January 6, and any others who attempt to use violence and destruction to intimidate, coerce, or influence the American people or affect the conduct of our government.
Top Terrorism Threats
As has been stated multiple times in the past, preventing terrorist attacks, in all forms, remains the FBI’s top priority. The nature of the threat posed by terrorism—both international terrorism (IT) and domestic terrorism (DT)—continues to evolve.
The most significant threat to our homeland is posed by lone actors who often radicalize online and seek out soft targets to attack with easily accessible weapons. We see these individualized threats manifested within both domestic violent extremists (DVEs) and homegrown violent extremists (HVEs).
Although they have different ideologies, they both typically radicalize and mobilize to violence on their own and are both located primarily in the United States. Individuals who commit violent criminal acts in furtherance of ideological goals stemming from domestic influences—some of which include racial or ethnic bias, or strong anti-government or anti-authority sentiments—are described as DVEs, whereas HVEs are individuals inspired primarily by achieving global jihad, but not receiving individualized direction from Foreign Terrorist Organizations (FTOs).
Domestic and homegrown violent extremists are often motivated and inspired by a mix of sociopolitical, ideological, and personal grievances against their targets, and more recently have focused on accessible targets to include civilians, law enforcement and the military, symbols or members of the U.S. government, houses of worship, retail locations, and mass public gatherings. Selecting these types of soft targets, in addition to the insular nature of their radicalization and mobilization to violence and limited discussions with others, challenges law enforcement to detect and disrupt the activities of lone actors before they occur.
The top threat we face from DVEs continues to be those we identify as racially or ethnically motivated violent extremists (RMVEs), specifically those who advocate for the superiority of the white race, and who were the primary source of ideologically motivated lethal incidents of violence in 2018 and 2019. It is important to note that we have recently seen an increase in lethal DVE attacks perpetrated by anti-government or anti-authority violent extremists, specifically militia violent extremists and anarchist violent extremists. Anti-government or anti-authority violent extremists were responsible for three of the four lethal DVE attacks in 2020. Also, in 2020, we saw the first lethal attack committed by an anarchist violent extremist in over 20 years.
Consistent with our mission, the FBI does not investigate First Amendment-protected speech or association, peaceful protests, or political activity. The FBI holds sacred the rights of individuals to peacefully exercise their First Amendment freedoms. Non-violent protests are signs of a healthy democracy, not an ailing one.
Regardless of their specific ideology, the FBI will aggressively pursue those who seek to hijack legitimate First Amendment—protected activity by engaging in violent criminal activity such as the breach, destruction of property, and violent assaults on law enforcement officers that we witnessed on January 6 and during lawful protests throughout the U.S. during the summer of 2020. In other words, we will actively pursue the opening of FBI investigations when an individual uses, or threatens the use of, force, violence, or coercion, in violation of federal law and in the furtherance of a political or social ideological goal.
The FBI assesses HVEs as the greatest, most immediate international threat to the Homeland. As I have described, HVEs are United States-based individuals, located in and radicalized primarily in the U.S., who are not receiving individualized direction from global jihad-inspired FTOs, but are inspired largely by the Islamic State of Iraq and ash-Sham (ISIS) and al Qaeda to commit violence. An HVE’s lack of a direct connection with an FTO, ability to rapidly mobilize without detection, and use of encrypted communications pose significant challenges to our ability to proactively identify and disrupt them.
The FBI remains concerned that foreign terrorist organizations, such as ISIS and al Qaeda, intend to carry out or inspire large-scale attacks in the U.S. Despite their loss of physical territory in Iraq and Syria, ISIS remains relentless in its campaign of violence against the United States and our partners, both here at home and overseas. To this day, ISIS continues to aggressively promote its hate-fueled rhetoric and attract like-minded violent extremists with a willingness to conduct attacks against the United States. and our interests abroad.
ISIS’s successful use of social media and messaging apps to attract individuals seeking a sense of belonging is of continued concern to us. Like other foreign terrorist groups, ISIS advocates for lone offender attacks in the United States and Western countries via videos and other English language propaganda that have at times specifically advocated for attacks against soldiers, law enforcement and other intelligence community personnel.
Al Qaeda maintains its desire for large-scale, spectacular attacks. Because continued pressure has degraded some of the group’s senior leadership, in the near term, al Qaeda is more likely to continue to focus on building its international affiliates and supporting small-scale, readily achievable attacks in regions such as East and West Africa. Over the past year, propaganda from al Qaeda leaders sought to inspire individuals to conduct their own attacks in the United States and other Western nations.
The arrests of individuals in the United States allegedly linked to Lebanese Hizballah’s main overseas terrorist arm, and their intelligence collection and procurement efforts, demonstrate Lebanese Hizballah’s interest in long-term contingency planning activities here in the Homeland. Lebanese Hizballah Secretary-General Hasan Nasrallah also has threatened retaliation for the death of IRGC-QF Commander Soleimani.
As an organization, we continually adapt and rely heavily on the strength of our federal, state, local, Tribal, territorial, and international partnerships to combat all terrorist threats to the United States and our interests.
To that end, we use all available lawful investigative techniques and methods to combat these threats while continuing to collect, analyze, and share intelligence concerning the threat posed by violent extremists, in all their forms, motivated by any ideology, who desires to harm Americans and U.S. interests. We will continue to share information and encourage the sharing of information among our numerous partners via our Joint Terrorism Task Forces across the country, and our legal attaché offices around the world.
The problems caused by law enforcement agencies’ inability to access electronic evidence continue to grow. Increasingly, commercial device manufacturers have employed encryption in such a manner that only the device users can access the content of the devices. This is commonly referred to as “user-only-access” device encryption. Similarly, more and more communications service providers are designing their platforms and apps such that only the parties to the communication can access the content.
This is generally known as “end-to-end” encryption. The proliferation of end-to-end and user-only-access encryption is a serious issue that increasingly limits law enforcement’s ability, even after obtaining a lawful warrant or court order, to access critical evidence and information needed to disrupt threats, protect the public, and bring perpetrators to justice.
The FBI remains a strong advocate for the wide and consistent use of responsibly managed encryption, encryption that providers can decrypt and provide to law enforcement when served with a legal order. Protecting data and privacy in a digitally connected world is a top priority for the FBI and the U.S. government, and we believe that promoting encryption is a vital part of that mission.
But we have seen that the broad application of end-to-end and user-only-access encryption adds negligible security advantages. It does have a negative effect on law enforcement’s ability to protect the public. What we mean when we talk about lawful access is putting providers who manage encrypted data in a position to decrypt it and provide it to us in response to legal process. We are not asking for, and do not want, any “backdoor,” that is, for encryption to be weakened or compromised so that it can be defeated from the outside by law enforcement or anyone else.
Unfortunately, too much of the debate over lawful access has revolved around discussions of this “backdoor” straw man instead of what we really want and need.
We are deeply concerned with the threat end-to-end and user-only-access encryption pose to our ability to fulfill the FBI’s duty of protecting the American people from every manner of federal crime, from cyber-attacks and violence against children to drug trafficking and organized crime. We believe Americans deserve security in every walk of life—in their data, their streets, their businesses, and their communities.
End-to-end and user-only-access encryption erode that security against every danger the FBI combats. For example, even with our substantial resources, accessing the content of known or suspected terrorists’ data pursuant to court-authorized legal process is increasingly difficult. The often online nature of the terrorist radicalization process, along with the insular nature of most of today’s attack plotters, leaves fewer dots for investigators to connect in time to stop an attack—and end-to-end and user-only-access encryption increasingly hide even those often precious few and fleeting dots.
In one instance, while planning and right up until the eve of the December 6th, 2019 shooting at Naval Air Station Pensacola that killed three U.S. sailors and severely wounded eight other Americans, deceased terrorist Mohammed Saeed Al-Shamrani communicated undetected with overseas al Qaeda terrorists using an end-to-end encrypted app. Then, after the attack, user-only-access encryption prevented the FBI from accessing the information contained in his phones for several months.
As a result, during the critical time period immediately following the shooting and despite obtaining search warrants for the deceased killer’s devices, the FBI could not access the information on those phones to identify co-conspirators or determine whether they may have been plotting additional attacks.
This problem spans international and domestic terrorism threats. Like Al-Shamrani, the plotters who sought to kidnap the governor of Michigan late last year used end-to-end encrypted apps to hide their communications from law enforcement. Their plot was only disrupted by well-timed human source reporting and the resulting undercover operation. Subjects of our investigation into the January 6th Capitol siege used end-to-end encrypted communications as well.
We face the same problem in protecting children against violent sexual exploitation. End-to-end and user-only-access encryption frequently prevent us from discovering and searching for victims, since the vital tips we receive from providers only arrive when those providers themselves are able to detect and report child exploitation being facilitated on their platforms and services.
They cannot do that when their platforms are end-to-end encrypted. For example, while Facebook Messenger and Apple iMessage each boast over one billion users, in 2020, the National Center for Missing and Exploited Children (NCMEC) received over 20 million tips from Facebook, compared to 265 tips from Apple, according to NCMEC data and publicly available information. Apple’s use of end-to-end encryption, which blinds it to child sexual abuse material being transmitted through its services, likely plays a role in the disparities in reporting between the two companies. We do not know how many children are being harmed across the country as a result of this under-reporting, by Apple and other end-to-end providers.
This problem is not just limited to federal investigations. Our state and local law enforcement partners have been consistently advising the FBI that they, too, are experiencing similar end-to-end and user-only-access encryption challenges, which are now being felt across the full range of state and local crime. Many report that even relatively unsophisticated criminal groups, like street gangs, are frequently using user-only-access encrypted smartphones and end-to-end encrypted communications apps to shield their activities from detection or disruption.
As this problem becomes more and more acute for state and local law enforcement, the advanced technical resources needed to address even a single investigation involving end-to-end and user-only-access encryption will continue to diminish and ultimately overwhelm state and local capacity to investigate even common crimes.
In 2020, nation-state and criminal cyber actors took advantage of people and networks made more vulnerable by the sudden shift of our personal and professional lives online due to the COVID-19 Coronavirus pandemic, targeting those searching for personal protective equipment, worried about stimulus checks, and conducting vaccine research.
Throughout the last year, the FBI has seen a wider-than-ever range of cyber actors threaten Americans’ safety, security, and confidence in our digitally connected world. Cyber-criminal syndicates and nation-states keep innovating ways to compromise our networks and maximize the reach and impact of their operations, such as by selling malware as a service or by targeting vendors as a way to access scores of victims by hacking just one provider.
These criminals and nation-states believe that they can compromise our networks, steal our property, and hold our critical infrastructure at risk without incurring any risk themselves. In the last year alone, we have seen, and have publicly called out, China, North Korea, and Russia for using cyber operations to target U.S. COVID-19 vaccines and research.
We have seen the far-reaching disruptive impact a serious supply-chain compromise can have through the SolarWinds intrusions, which we believe was conducted by an Advanced Persistent Threat actor, likely Russian in origin. We have seen China working to obtain controlled defense technology and developing the ability to use cyber means to complement any future real-world conflict. We have seen Iran use cyber means to try to sow divisions and undermine our elections, targeting voters before the November election and threatening election officials after.
As dangerous as nation-states are, we do not have the luxury of focusing on them alone. In the past year, we also have seen cyber criminals target hospitals, medical centers, and educational institutions for theft or ransomware. Such attacks on medical centers have led to the interruption of computer networks and systems that put patients’ lives at an increased risk at a time when America faces its most dire public health crisis in generations.
We are also seeing dark web vendors who sell capabilities in exchange for cryptocurrency increase the difficulty of stopping what would once have been less dangerous offenders. What was once a ring of unsophisticated criminals now has the tools to paralyze entire hospitals, police departments, and businesses with ransomware. It is not that individual hackers alone have necessarily become much more sophisticated, but, unlike previously, they are able to rent sophisticated capabilities.
We must impose consequences on cyber adversaries and use our collective law enforcement and intelligence capabilities to do so through joint and enabled operations sequenced for maximum impact. And we must continue to work with the Department of State and other key agencies to ensure that our foreign partners are able and willing to cooperate in our efforts to bring the perpetrators of cybercrime to justice.
An example of this approach is the international takedown in January 2021 of the Emotet botnet, which enabled a network of cybercriminals to cause hundreds of millions of dollars in damages to government, educational, and corporate networks. The FBI used sophisticated techniques, our unique legal authorities, and, most importantly, our worldwide partnerships to significantly disrupt the malware. We imposed upwards of 1,100 consequences on cyber adversaries last year, including arrests, criminal charges, convictions, dismantlements, and disruptions, and enabled many more actions through our dedicated partnerships with the private sector, foreign partners, and at the federal, state, and local level.
We have been putting a lot of energy and resources into all of those partnerships, especially with the private sector. We are working hard to push important threat information to network defenders, but we have also been making it as easy as possible for the private sector to share important information with us. For example, we are emphasizing to the private sector how we keep our presence unobtrusive in the wake of a breach; how we protect information that companies and universities share with us, and commit to providing useful feedback; and how we coordinate with our government partners so that we are speaking with one voice.
But we need the private sector to do its part, too. We need the private sector to come forward to warn us—and warn us quickly—when they see malicious activity. We also need the private sector to work with us when we warn them that they are being targeted. The SolarWinds example only emphasizes what I have been saying for a long time: The government cannot protect against cyber threats on its own. We need a whole-of-society approach that matches the scope of the danger. There is really no other option for defending a country where nearly all of our critical infrastructure, personal data, intellectual property, and network infrastructure sits in private hands.
Our nation is confronting multifaceted foreign threats seeking to both influence our national policies and public opinion, and cause harm to our national dialogue. The FBI and our interagency partners remain concerned about, and focused on, the covert and overt influence measures used by certain adversaries in their attempts to sway U.S. voters’ preferences and perspectives, shift U.S. policies, increase discord in the United States, and undermine the American people’s confidence in our democratic processes.
Foreign influence operations—which include subversive, undeclared, coercive, and criminal actions by foreign governments to influence U.S. political sentiment or public discourse or interfere in our processes themselves—are not a new problem. But the interconnectedness of the modern world, combined with the anonymity of the Internet, have changed the nature of the threat and how the FBI and its partners must address it. Foreign influence operations have taken many forms and used many tactics over the years. Most widely reported these days are attempts by adversaries—hoping to reach a wide swath of Americans covertly from outside the United States—to use false personas and fabricated stories on social media platforms to discredit U.S. individuals and institutions.
The FBI is the lead federal agency responsible for investigating foreign influence operations. In the fall of 2017, we established the Foreign Influence Task Force (FITF) to identify and counteract malign foreign influence operations targeting the United States. The FITF is led by the Counterintelligence Division and is comprised of agents, analysts, and professional staff from the Counterintelligence, Cyber, Counterterrorism, and Criminal Investigative Divisions.
It is specifically charged with identifying and combating foreign influence operations targeting democratic institutions and values inside the United States. In all instances, the FITF strives to protect democratic institutions; develop a common operating picture; raise adversaries’ costs; and reduce their overall asymmetric advantage.
The FITF brings the FBI’s national security and traditional criminal investigative expertise under one umbrella to prevent foreign influence in our elections. This better enables us to frame the threat, to identify connections across programs, to aggressively investigate as appropriate, and, importantly, to be more agile. Coordinating closely with our partners and leveraging relationships we have developed in the technology sector, we had a number of instances where we were able to quickly relay threat indicators that those companies used to take swift action, blocking budding abuse of their platforms.
Following the 2018 midterm elections, we reviewed the threat and the effectiveness of our coordination and outreach. As a result of this review, we further expanded the scope of the FITF. Previously, our efforts to combat malign foreign influence focused solely on the threat posed by Russia. Utilizing lessons learned over the last year and half, the FITF is widening its aperture to confront malign foreign operations of China, Iran, and other global adversaries. To address this expanding focus and wider set of adversaries and influence efforts, we have also added resources to maintain permanent “surge” capability on election and foreign influence threats.
We have also further refined our strategy to ensure all efforts are based on a three-pronged approach, which includes investigations and operations, information and intelligence sharing, and a strong partnership with the private sector. Through the efforts of the FITF, and lessons learned from both the 2016 and 2018 elections, the FBI is actively engaged in identifying, detecting, and disrupting threats to our elections and ensuring both that the integrity of our democracy is preserved and that the will of the American people is fulfilled.
Finally, the strength of any organization is its people. The threats we face as a nation have never been greater or more diverse and the expectations placed on the FBI have never been higher. Our fellow citizens look to the FBI to protect the United States from all of those threats, and the men and women of the FBI continue to meet and exceed those expectations, every day. I want to thank them for their dedicated service.
Chairman Durbin, Ranking Member Grassley, and members of the committee thank you for the opportunity to testify today. I am happy to answer any questions you might have.