WASHINGTON, June 4 -- The U.S. government has secretly expanded the National Security Agency's warrantless Internet surveillance to search for evidence of what it called "malicious cyberactivity," The New York Times reported Thursday, citing classified documents provided by former NSA contractor Edward Snowden.

U.S. Justice Department lawyers wrote two secret memos in mid- 2012 granting its secret approval for the NSA to begin hunting on Internet cables for data allegedly linked to computer intrusions originating abroad, including traffic that flows to suspicious Internet addresses or contains malware, the report said.

Previously, the Justice Department allowed the spy agency to monitor only Internet addresses and "cybersignatures" that it could tie to foreign governments.

It is not clear what standards the agency is using to select targets, but one internal NSA document boasted that the expanded surveillance activities through hacker signatures "pull in a lot," The New York Times reported.

Brian Hale, spokesman for the Office of the Director of National Intelligence, told the newspaper that it should "come as no surprise" that the U.S. government gathers intelligence on foreign powers which it said attempt to penetrate U.S. networks.

The revelation came days after President Barack Obamasigned into law a surveillance reform bill, the USA Freedom Act, which places some limits on the NSA's bulk phone metadata collection program, but it did not apply to the warrantless wiretapping program, which was legalized in 2008.