FBI Barely Tried to Hack San Bernardino iPhone Before Going to Court With Apple

A new report by the Department of Justice’s Office of Inspector General found that the FBI could have done more before going to court and arguing it needed Apple's help to unlock an alleged terrorist's phone.

|
Mar 27 2018, 6:08pm

Image: Mark Reinstein/Shutterstock

The FBI could’ve done more to make sure there was truly no way to hack into the infamous iPhone 5C of the alleged San Bernardino terrorist, according to a new report published by the Department of Justice’s Office of Inspector General.

In 2015, Syed Rizwan Farook killed 14 people in a mass shooting at the Inland Regional Center in San Bernardino, California. When the FBI got its hands on the alleged terrorist’s iPhone, the agency found that it couldn’t access the data inside it because Farook had set up a passcode and encrypted the phone. Weeks later, Farook’s iPhone and the FBI’s inability to unlock it set off one of the most public and contentious legal battles between the US government and a tech company.

The FBI argued that it had no technical way to unlock the phone or hack into it without Apple’s help. Apple argued that helping the FBI would’ve put all iPhone users in danger because it would’ve required the company to weaken the security of all iPhones. The battle ended with a whimper when an unknown “third party” gave the FBI a way to hack in and the FBI abandoned its legal request.

Read more: The FBI Is at War With Apple Because It Couldn’t Change Wiretap Law

As it turned out, the FBI’s own hackers didn’t start working with vendors to find a way to hack into Farook’s iPhone until “the eve” of the FBI’s initial court filing demanding Apple’s assistant on February 16, 2016. Moreover, two different teams within the FBI’s Operational Technology Division (OTD), a department tasked with giving technological assistance to investigations, didn’t communicate with each other to find a solution until late in the investigation, according to the OIG report.

The tech team initially helping with the case was the Cryptologic and Electronics Analysis Unit (CEAU). It was only after a meeting on February 11 that another hacking team within the FBI, the Remote Operations Unit or ROU, started looking into it and started contacting contractors and vendors asking for help.

Got a tip? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at lorenzo@jabber.ccc.de, or email lorenzo@motherboard.tv

“The CEAU Chief may not have been interested in researching all possible solutions and instead focused only on unclassified techniques that could readily be disclosed in court,” the OIG report stated.

The office eventually found a “trusted vendor” who was already 90 percent of the way close to finding a solution. At the end of March, the vendor demonstrated the technique to the FBI, solving the problem.

Here’s the conclusion of the report, which can be read in its entirety here.

We received conflicting testimony regarding whether ROU was part of the early outreach efforts to find a solution to the Farook iPhone problem, and we learned that, unbeknownst to anyone, the ROU Chief had only just begun the process of looking for a possible solution to the problem on the eve of the application for a court order being filed – a filing predicated in material part on the notion that technical assistance from Apple was necessary to search the contents of the device. Further, we obtained other information suggesting that not everyone within OTD was on the same page in the search for a technical solution to the Farook iPhone problem, including varying testimony from OTD managers on whether there was a dividing line discouraging collaboration between the units that predominantly do criminal and national security work in OTD, the question asked of internal and external partners during CEAU’s outreach, whether vendors should have been part of CEAU’s outreach effort, and the significance of ROU and the [REDACTED] on issues relevant to the Farook iPhone problem. Further, the CEAU Chief may not have been interested in researching all possible solutions and instead focused only on unclassified techniques that could readily be disclosed in court and that OTD and its partner agencies already had in-hand. We believe all of these disconnects resulted in a delay in seeking and obtaining vendor assistance that ultimately proved fruitful, and that as a result of the belatedly-obtained technical solution, the government was required to withdraw from its previously stated position that it could not access the iPhone in this critical case, and by implication in other cases, without first compelling cooperation from the manufacturer.

Apple declined to comment on the report.

The Justice Department is pushing—once again—to legally force tech companies to build ways to hack into phones, according to a recent report by The New York Times.

The fact that the FBI, with the help of the outside vendor, was able to find a way to hack into Farook’s iPhone within weeks, shows that this new push for backdoors may be doomed to fail. As Motherboard recently reported, even local law enforcement agencies have now cheap ways to unlock iPhones, thanks to new technologies sold by a startup called GrayShift.

Get six of our favorite Motherboard stories every day by signing up for our newsletter.