Modern field guide to security and privacy

Is this tech firm helping FBI agents hack the San Bernardino iPhone?

An Israeli paper reported that Tel Aviv tech firm Cellebrite is helping the FBI unlock the San Bernardino shooter's iPhone. The company is a major player in the growing mobile forensics market and touts its ability to break into any mobile device.

Eduardo Munoz/Reuters
A worker checks an iPhone in a repair store in New York, February 17, 2016.

"No device is bulletproof."

An executive at the Israeli tech firm Cellebrite said that two years ago, after the company's cellular data recovery systems helped exonerate a suspect in a Tel Aviv murder case.

Now the company with deep ties to the Israeli military’s vaunted cyberespionage unit 8200 is in the spotlight again. This time the case has international significance because it involves the iPhone used by the San Bernardino, Calif., shooter Syed Rizwan Farook that's led to a months-long legal battle between the FBI and Apple.

After putting intense legal pressure on Apple to help federal investigators unlock the iPhone, the FBI said earlier this week that it was working with an anonymous "third party" to gain access to the device. According to an unconfirmed report in the Israeli daily Yediot Ahronoth on Wednesday, the company is Cellebrite, a wholly owned subsidiary of Japan’s Sun Corp. An employee at Cellebrite, which is based in the Tel Aviv suburb of Petach Tikvah, didn’t respond to repeated requests for comment.

The FBI has also refused to identify the company it's working with in the case. Speaking to reporters Thursday, FBI Director James Comey said that over the weekend an "individual" approached the agency about a possible solution. "It looks like it may work out. We are optimistic," he said.

A successful hack of the iPhone via Cellebrite or another third party would seemingly avoid litigation between the Justice Department and Apple, the world’s leading technology company, and cool off a growing debate over encryption that has erupted between the tech community and US government officials.

Cellebrite certainly has the profile of a company that could be working with the US investigators on the iPhone hack. It appears to have signed a contract with the FBI on Monday for $15,000 to perform "software renewals for seven machines." 

The 17-year-old company initially focused on transferring personal contact data between mobile devices, but in recent years developed software that helps law enforcement and security agencies gain access to and recover encrypted or erased data from all shapes and sizes of mobile devices. It has become a significant player in the multibillion-dollar mobile forensics marketplace that is exploding along with the adoption of more smartphones and tablets.

"There are only one or two companies with that kind of knowledge" to access the encrypted data on an iPhone, says Dudu Mimran, a mobile security expert at Ben Gurion University’s cybersecurity laboratory.

Replicating information about Apple’s proprietary security architecture is an onerous task, he said. "It’s not magic. It’s a matter of deep expertise, and an accumulation of research – and that research consumes a lot of time. I don’t think there’s a simple trick to it or everyone would be doing it."

In fact, a 2013 notice of FBI plans to purchase Cellebrite’s systems praised them as among the only systems able to swiftly extract photos, videos, deleted call registries and text messages on 95 percent of mobile phones – including a range of iPhone models.

"Half an hour with your telephone, and we can know everything," said Cellebrite executive Yossi Carmil in a 2013 interview with the Israeli newspaper Haaretz.

A year later, Cellebrite reportedly helped recover WhatsApp messages that had been deleted from a cellphone in a high-profile murder investigation in Israel. Those recovered files helped prove the innocence of an indicted suspect by demonstrating that the state’s star witness had obstructed the investigation.

With thousands of customers in 100 countries, Cellebrite touts itself as having "the most advanced solution" for forensic extraction, decoding and analysis of data from the Apple handsets. A YouTube video gives a demonstration for customers of how to hack an iPhone.

In the Haaretz interview, Mr. Carmil walked through the company’s archive of thousands of mobile phone devices on camera and explained its techniques. He said the company exploits the fact that flash memory devices used in mobile phones contain algorithms that seek to save phone data for as long as possible even if the owner deleted the information.

"If there are 100 security agencies in the world using systems to unlock mobile devices, we are working with 40 of them," said Carmil.

The company, which has offices in New Jersey and Germany, has recently expanded its workforce, which numbers around 500.

Not surprisingly, many of the hackers employed by the company come out of Israeli military intelligence Unit 8200, which is renowned for its cyberespionage and code-breaking abilities.

"Unit graduates bring with them a certain know-how that’s learned inside of the unit which I can’t elaborate on," said Carmil in an interview with Israeli news website NRG. "For us, that constitutes a relative advantage."

 
