Phone hack­ers for hire

Jonathan Keane finds that many com­pa­nies could hack a phone, but, un­sur­pris­ingly, they don’t advertise

Tech Advisor - - Contents -

When the FBI paid some­one to crack the San Bernardino shooter’s iPhone, it didn’t just deftly by­pass Ap­ple’s ob­jec­tions. It also made the pub­lic aware of the busi­ness side of hack­ing – a busi­ness that is ap­par­ently as lu­cra­tive as it is dis­creet. “The re­cent ar­gu­ment be­tween Ap­ple and the FBI over un­lock­ing an iPhone has likely re­vealed to the pub­lic for the first time that com­pa­nies who spe­cialise in crack­ing mo­bile de­vices even ex­ist,” said Bill An­der­son, chief prod­uct officer at Op­tioLabs (op­, a mo­bile-se­cu­rity de­vel­oper.

Ev­ery­thing we learn about the FBI’s hack­ers makes the sit­u­a­tion more in­trigu­ing. Ini­tial re­ports in­di­cated the agency was us­ing the services of Is­raeli mo­bile foren­sics firm Cellebrite to crack open Syed Rizwan Fa­rook’s iPhone. Since then, a re­port in the Wash­ing­ton Post claimed the FBI hired in­de­pen­dent professional hack­ers, who used a zero-day ex­ploit (a vul­ner­a­bil­ity un­known to Ap­ple). Another re­port re­vealed that the FBI is now will­ing to help lo­cal law en­force­ment agen­cies around the coun­try crack iPhones they have in ev­i­dence.

Though the FBI has re­mained quiet on any specifics, a re­cent re­mark by FBI Di­rec­tor James Comey sug­gested the fee for the hack was well over a mil­lion dol­lars. Most re­cently, the FBI de­clined to di­vulge de­tails to another gov­ern­ment pro­gram (the Vul­ner­a­bil­i­ties Eq­ui­ties Process), claim­ing ig­no­rance of how the hack ac­tu­ally worked.

Cellebrite, or who­ever it may be, is just one com­pany that can at­tempt to un­lock a phone in law en­force­ment’s pos­ses­sion, but now we – and profit-minded hack­ers – also know how profitable this busi­ness can be, pointed out Shane McGee, chief pri­vacy officer at cy­ber­se­cu­rity firm FireEye. “That pub­lic­ity is like a bea­con to vul­ner­a­bil­ity re­searchers and se­cu­rity ex­perts that would oth­er­wise show lit­tle in­ter­est in hack­ing iOS,” he told us.

Be­yond one phone

Fa­rook was us­ing an iPhone 5c, so there could be other vul­ner­a­bil­i­ties in this phone and oth­ers that have yet to be found – and pos­si­bly mon­e­tised. “While most re­searchers that dis­cover vul­ner­a­bil­i­ties prac­tice

The ar­gu­ment be­tween Ap­ple and the FBI over un­lock­ing an iPhone has likely re­vealed to the pub­lic that com­pa­nies who spe­cialise in crack­ing mo­bile de­vices even ex­ist

re­spon­si­ble dis­clo­sure and com­mu­ni­cate those vul­ner­a­bil­i­ties to Ap­ple so they can be patched,” McGee added, “We’ll also see some try­ing to sell their ex­ploits to the high­est bid­der, in­clud­ing the Depart­ment of Jus­tice.”

Foren­sic sci­en­tist and iOS se­cu­rity ex­pert Jonathan Zdziarski has said that he be­lieves it will be busi­ness as usual for mo­bile foren­sics star­tups, but the veil has been lifted. “I be­lieve the only thing this case has done is it’s made the pub­lic more aware of what goes on daily,” added Lewis Daniels from Se­cure Any Mo­bile, on the busi­ness of break­ing en­cryp­tion. “This, of course, will make the hack­ing com­mu­nity more at­trac­tive,” he ar­gued, “as work­ing with the au­thor­i­ties to do what they have the pas­sion for do­ing is a great op­por­tu­nity and le­gal.”

Braden Perry, a lawyer spe­cial­is­ing in reg­u­la­tory and gov­ern­men­tal matters, told us that the Ap­ple-FBI case could en­cour­age se­cu­rity com­pa­nies to help au­thor­i­ties and com­pete for what he called “lu­cra­tive con­tracts.” He noted that th­ese com­pa­nies would have to ad­here to strict guide­lines in their busi­ness re­la­tion­ships, but where this could get muddy is in places out­side of the United States’ ju­ris­dic­tion. This could open up a new av­enue for in­di­vid­u­als and com­pa­nies to try to un­lock phones for what Perry called “more sin­is­ter pur­poses.”

“In the end, the pub­lic an­nounce­ment that iPhones can be un­locked through an out­side party em­pow­ers oth­ers to at­tempt the same,” he ex­plained.

That said, there was a mixed view among many of the peo­ple we spoke with over whether law en­force­ment agen­cies will now seek out ex­ter­nal com­pa­nies’ help rather than serve no­tice to an OS maker, like Ap­ple.

Dr Ye­huda Lin­dell, of Is­raeli en­cryp­tion startup Dyadic Se­cu­rity, sug­gested the FBI might de­cide to stream­line the process by hiring its own hack­ers. “It would make more sense to me that the way law en­force­ment re­spond to this is to de­velop in-house ex­per­tise to do it them­selves,” Lin­dell said. “I can’t see them al­ways go­ing to an ex­ter­nal com­pany.”

Mak­ing an ex­cep­tion

There’s another side to the en­cryp­tion de­bate, where peo­ple want to ac­cess a phone for more sen­ti­men­tal rea­sons. An Ital­ian fa­ther wrote a pub­lic let­ter to Ap­ple in March ask­ing the com­pany to cir­cum­vent the en­cryp­tion on his de­ceased son’s iPhone to re­trieve pho­to­graphs stored on the de­vice. “Don’t deny me the mem­o­ries of my son,” he wrote. Much like some of the fam­i­lies of vic­tims in Fa­rook’s crimes, he may be strug­gling to un­der­stand why an ex­cep­tion can’t be made in such heart­break­ing cir­cum­stances.

Mark Grabowski, com­mu­ni­ca­tions pro­fes­sor at Adel­phi Univer­sity in New York, points out that phone-crack­ing services have al­ways been avail­able on the Deep Web. “De­spite all the pub­lic­ity the FBI’s hack­ing of the iPhone has brought, that’s where they will likely re­main since it is a crime to hack into some­one else’s phone,” Grabowski ar­gued.

The very na­ture of phone hack­ing means that even le­git­i­mate pro­fes­sion­als have good rea­son to main­tain a low pro­file. “While the US gov­ern­ment wants com­pa­nies to help them hack into oth­ers’ phones, I don’t think they want th­ese tricks shared with oth­ers,” Grabowski ex­plained. “So, I don’t ex­pect com­pa­nies to be openly ad­ver­tis­ing th­ese services any­time soon – at least not to hack into third-party mo­bile phones – un­less it’s an ‘eth­i­cal hack­ing’ ser­vice where they’re hired to test their own client’s cell phone se­cu­rity.”

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.