|Multi Request||FBI Metasploit release of EternalBlue|
|Submitted||Feb. 4, 2020|
|Due||March 5, 2020|
MuckRock users can file, duplicate, track, and share public records requests like this one. Learn more.
To Whom It May Concern:
Pursuant to the Freedom of Information Act, I hereby request the following records:
Any records related to Metasploit including the ETERNALBLUE, EmeraldThread, EternalChampion, EskimoRoll, EternalRomance, EducatedScholar, EternalSynergy, EclipsedWing computer vulnerability exploitation code into the Metasploit framework, developed by Rapid7. This could for example be damage assessments that are being shared with any other government agencies, or received by such agencies. As well as any investigations that could have stemmed into the inclusion of such cyber attack tools into an open source and freely distributive and completely free tool like Metasploit.
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.
EternalBlue is a cyberattack exploit developed by the U.S. National Security Agency. It was leaked by the Shadow Brokers hacker group on April 14, 2017, one month after Microsoft released patches for the vulnerability. On May 12, 2017, the worldwide WannaCry ransomware used this exploit to attack unpatched computers.
EmeraldThread, EternalChampion, EskimoRoll, EternalRomance, EducatedScholar, EternalSynergy, EclipsedWing are all cyber attacks tool developed by the U.S National Security Agency. It was leaked by the Shadow Brokers hackers group in 2017.
The requested documents will be made available to the general public, and this request is not being made for commercial purposes.
In the event that there are fees, I would be grateful if you would inform me of the total charges in advance of fulfilling my request. I would prefer the request filled electronically, by e-mail attachment if available or CD-ROM if not.
Thank you in advance for your anticipated cooperation in this matter. I look forward to receiving your response to this request within 20 business days, as the statute requires.
Jurre van Bergen
Good morning Mr. Van Bergen,
Thanks for your request. Before we initiate this action, we want to be sure that you concur with our interpretation, which we think may be the gist of what you're looking for:
"Assessments or investigations resulting from security vulnerabilities and exploits shared via Metasploit Project."
As worded in your email, the "any records" caveat associated with multiple keywords is problematic for us, as it does not enable an organized, non-random search.
Are you satisfied with our interpretation of your request, or would you like to provide a different description of the desired records that will help us locate them with a reasonable amount of effort?
Thanks for checking back and sorry for the vague wording.
I think for now your suggestion will do.
Please continue with: "Assessments or investigations resulting from security vulnerabilities and exploits shared via Metasploit Project."
No sweat! Sounds good.
Mr. Van Bergen,
Acknowledgement letter attached.
Please don't hesitate to reach out if you have any questions or concerns.
To Whom It May Concern:
I wanted to follow up on the following Freedom of Information Act request, copied below, and originally submitted on Feb. 4, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.