In 2014 a freedom of information request was made for the information about “Operation Aurora” (a malicious cyber attack against several targets including Adobe, Northrup Grumman, Juniper and Rackspace).
The FBI replied with “there is no information”.
The DHS replied that there were 1030 pages, f which 710 and two videos were okay to release in their entirety, 107 pages were partially releasable and 212 pages had to be withheld.
However DHS confused Operation Aurora with the Aurora Generator Test. When questioned about this DHS initially responded they had no concerns about the wrong information being released. Eventually DHS made a statement saying that what was released had been thoroughly reviewed so no infrastructure security would be compromised even though it was the wrong info.
Cyber experts disagreed and felt that several pages that shouldn’t have been declassified provided a specific hit list of critical US infrastructure and how to attack it.
Oops.
I’m not sure which concerns me more, that the FBI and DHS responding completely differently, or that DHS released some information that they shouldn’t have released. Can we trust the FBI when they withhold information that actually exists? Do we chalk all this up to “human error”? If “AI” were handling this request would it have done a better or worse job?