FBI Metasploit release of EternalBlue (U.s. Cyber Command)
Multi Request | FBI Metasploit release of EternalBlue |
Submitted | Feb. 4, 2020 |
MuckRock users can file, duplicate, track, and share public records requests like this one. Learn more.
Communications
From: Jurre van Bergen
To Whom It May Concern:
Pursuant to the Freedom of Information Act, I hereby request the following records:
Any records related to Metasploit including the ETERNALBLUE, EmeraldThread, EternalChampion, EskimoRoll, EternalRomance, EducatedScholar, EternalSynergy, EclipsedWing computer vulnerability exploitation code into the Metasploit framework, developed by Rapid7. This could for example be damage assessments that are being shared with any other government agencies, or received by such agencies. As well as any investigations that could have stemmed into the inclusion of such cyber attack tools into an open source and freely distributive and completely free tool like Metasploit.
The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. It is owned by Boston, Massachusetts-based security company Rapid7.
EternalBlue is a cyberattack exploit developed by the U.S. National Security Agency. It was leaked by the Shadow Brokers hacker group on April 14, 2017, one month after Microsoft released patches for the vulnerability. On May 12, 2017, the worldwide WannaCry ransomware used this exploit to attack unpatched computers.
EmeraldThread, EternalChampion, EskimoRoll, EternalRomance, EducatedScholar, EternalSynergy, EclipsedWing are all cyber attacks tool developed by the U.S National Security Agency. It was leaked by the Shadow Brokers hackers group in 2017.
The requested documents will be made available to the general public, and this request is not being made for commercial purposes.
In the event that there are fees, I would be grateful if you would inform me of the total charges in advance of fulfilling my request. I would prefer the request filled electronically, by e-mail attachment if available or CD-ROM if not.
Thank you in advance for your anticipated cooperation in this matter. I look forward to receiving your response to this request within 20 business days, as the statute requires.
Sincerely,
Jurre van Bergen
From: U.s. Cyber Command
Good morning Mr. Van Bergen,
Thanks for your request. Before we initiate this action, we want to be sure that you concur with our interpretation, which we think may be the gist of what you're looking for:
"Assessments or investigations resulting from security vulnerabilities and exploits shared via Metasploit Project."
As worded in your email, the "any records" caveat associated with multiple keywords is problematic for us, as it does not enable an organized, non-random search.
Are you satisfied with our interpretation of your request, or would you like to provide a different description of the desired records that will help us locate them with a reasonable amount of effort?
v/r
Garth
Garth C.
USCYBERCOM FOIA
(301) 688-3585
-
~WRD000
From: Jurre van Bergen
Good afternoon,
Thanks for checking back and sorry for the vague wording.
I think for now your suggestion will do.
Please continue with: "Assessments or investigations resulting from security vulnerabilities and exploits shared via Metasploit Project."
Best,
Jurre
From: U.s. Cyber Command
No sweat! Sounds good.
Thank you,
Garth
Garth C.
USCYBERCOM FOIA
(301) 688-3585
-
~WRD000
From: U.s. Cyber Command
Mr. Van Bergen,
Acknowledgement letter attached.
Please don't hesitate to reach out if you have any questions or concerns.
v/r
Garth
Garth C.
USCYBERCOM FOIA
(301) 688-3585
-
image001
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Freedom of Information Act request, copied below, and originally submitted on Feb. 4, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Freedom of Information Act request, copied below, and originally submitted on Feb. 4, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From: Muckrock Staff
To Whom It May Concern:
I wanted to follow up on the following Freedom of Information Act request, copied below, and originally submitted on Feb. 4, 2020. Please let me know when I can expect to receive a response.
Thanks for your help, and let me know if further clarification is needed.
From:
Hi Jurre,
Thanks for reaching out. CYBERCOM FOIA office has been operating at a reduced level during the pandemic. As such, we are experiencing delays in processing.
We are still in the search phase of this request. When the search is complete and a document universe has been defined, I will be able to provide you with an accurate estimated date of completion.
Appreciate your patience and understanding very much. Stay safe!
v/r
Garth
USCYBERCOM FOIA
(301) 688-3585
CYBERCOM_FOIA@cybercom.mil<mailto:CYBERCOM_FOIA@cybercom.mil>
-
~WRD000
From: U.s. Cyber Command
Good morning Mr. Van Bergen,
Please find final response letter attached.
Feel free to reach out anytime if you have questions or concerns.
Have a great weekend.
v/r
USCYBERCOM FOIA
(301) 688-3585
-
image001
Files
pages