U.S. Department of Justice
Legal Considerations when Gathering Online Cyber Threat Intelligence and Purchasing Data from Illicit Sources
The Cybersecurity Unit (CsU) prepared this document in response to questions posed by private organizations about the legality of specific cybersecurity measures. It includes contributions from other components of the Department of Justice, such as the National Security Division, and other federal agencies.3 Consistent with the CsU’s mission, this document is intended to help organizations adopt effective cybersecurity practices and to conduct them in a lawful manner.
Publisher – U.S. Department of Justice
Release – February 2020
This document focuses on information security practitioners’ cyber threat intelligence- gathering efforts that involve online forums in which computer crimes are discussed and planned and stolen data is bought and sold. It also contemplates situations in which private actors attempt to purchase malware, security vulnerabilities, or their own stolen data—or stolen data belonging to others with the data owners’ authorization—in Dark Markets.