The FBI used a third-party tool to unlock an iPhone used by San Bernardino shooter Syed Farook. Despite opposition, the FBI won't release any details of the tool.
The tool used by the FBI to unlock an iPhone used by San Bernardino shooter Syed Farook will remain under wraps for now. On Monday, a court filing from FBI records management division section chief David Hardy said that unveiling the method used to unlock the iPhone could "cause serious damage to national security."
The biggest issue, Hardy's filing said, is that releasing the details of the hacking tool could allow bad actors and hackers to understand the current methods being used by the FBI, and understand the weaknesses of those methods. As reported by ZDNet's Zack Whittaker, the news comes as various news outlets are still fighting for information about the tool to be released.
Another reason the FBI has chosen not to reveal its iPhone hacking tool is that it is likely still using it. According to the filing, "intelligence activities or methods withheld in this case are still used by and/or useful to the FBI today to gather intelligence information."
After a December 2015 shooting in San Bernardino left 14 people killed and 22 others wounded, the FBI asked Apple to unlock the passcode-protected iPhone 5C used by the shooter, Syed Farook. Apple refused, repeatedly, on the grounds of protecting personal privacy for its users. The FBI began looking into other methods.
The US Justice Department filed a lawsuit against Apple, attempting to pressure the company into unlocking the device. A host of rival tech companies showed up in support of Apple, filing a joint motion backing the Cupertino giant.
Leveraging a still-unknown third party, the FBI was able to develop a tool to unlock the iPhone in question without Apple's help. The FBI officially dropped its case against Apple, and Apple then demanded to know how the phone was unlocked.
In early 2016, the FBI disclosed that it paid more than $1 million to "undisclosed hackers" to unlock the phone, and stated that it wouldn't reveal its methods to Apple. For now, at least, it seems that the bureau won't be revealing the methods to anyone else either.
While we still don't know how the iPhone was vulnerable to the FBI's unlocking tool, most speculation points to the fact that the iPhone 5C lacks Apple's Secure Enclave processor found in later models.
The phone in question was originally owned by the county of San Bernardino and given to Farook, as he worked there. The device wasn't equipped with a mobile device management (MDM) solution, which could have been used to unlock the phone much sooner. The FBI/Apple debacle highlights the need for stronger device management and security among IT and business leaders.
The 3 big takeaways for TechRepublic readers
- A recent court filing from the FBI's David Hardy says the bureau won't reveal its method used to unlock the iPhone used by the terrorist shooter in the 2015 San Bernardino attack.
- The filing claims that unveiling the details of the method could allow attackers to understand the weakness of the FBI's methods, and the FBI is still using the tool to gather information.
- By revealing the vulnerability of the iPhone to hacking, the case highlights the need for stronger security and mobile device management in enterprise IT.