Push to unlock iPhone hurt by FBI squabbles
Report cites internal communication as an issue in San Bernardino terror probe
After the December 2015 terror attack, the FBI waged a public fight to force Apple Inc. to unlock the iPhone, even going to court in a case that pitted national security against digital privacy.
The watchdog report opens a window into the shadowy units inside the FBI that try to hack into computers, and the internal tensions between technicians engaged in national security investigations, and those working on criminal cases.
More than two years after the struggle over Farook’s phone, the FBI says the problem of encrypted devices is more difficult than ever. The method used to hack Farook’s iPhone 5c — which cost the FBI more than $1 million — quit working as soon as Apple updated the phones.
In 2017, the FBI was unable to access data on 7,775 devices seized in investigations, according to Director Christopher Wray.
“This problem impacts our investigations across the board,” Wray said in January at a speech at a cybersecurity conference, calling it “an urgent public safety issue.”
On Dec. 2, 2015, Farook, a health department worker for San Bernardino County, and his wife, Tashfeen Malik, attacked a holiday party for Farook and his co-workers, killing 14 people and injuring many others.
The couple was killed in a shootout with police.
The FBI, trying to figure out if anyone else was involved in the plot, thought that Farook’s county government-issued cellphone might have the answer.
In February, the bureau announced that its technicians were unable to get into the iPhone, which they feared had been set up with a security feature by Farook that would permanently destroy encrypted data after 10 unsuccessful login attempts.
The bureau asked Apple to write software that would disarm that security feature, allowing agents to keep trying codes until one worked, but the company refused. Tim Cook, the company’s CEO, said such a backdoor could compromise security for Apple customers.
“(T)he U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create,” he said in a statement at the time.
The dispute ended up in federal court, as the government sought an order forcing Apple to comply.
Then-FBI Directror James Comey, in testimony to Congress on Feb. 9 and March 1, 2016, said the bureau was unable to get into the phone without Apple’s help. Amy Hess, then the FBI’s executive assistant director in charge of the technology division, said the same thing in her testimony.
But inside the bureau, even though top officials had ordered a “full-court press,” not everybody was working on the problem, the Inspector General found.
The digital forensic experts at the bureau’s Cryptographic and Electronic Analysis Unit had tried and failed to get into the phone.
But the leader of another squad, the Remote Operations Unit, said he never learned about the issue until a staff meeting in February. He started contacting the unit’s stable of hackers to see if anybody had a solution.
That supervisor said he believed he wasn’t asked for help sooner because the FBI had “a line in the sand” that blocked ROU’s classified hacking techniques from being used in domestic criminal cases.
“He said this dividing line between criminal and national security became part of the culture in (the technology division) and inhibited communication,” the report says. Other officials told the Inspector General that no such line existed.
As it happened, the report found, one of the bureau’s hacking outfits had been working on cracking the iPhone for months and was close to a solution.
The FBI called off the court fight March 28, saying it no longer needed Apple’s help.
The FBI eventually found that Farook’s phone only had information about work and revealed nothing about the plot.
After the outside vendor surfaced, the cryptographic unit chief “became frustrated that the case against Apple could no longer go forward,” the report says. Hess said the bureau had viewed the Farook phone as “the poster child case” that could help it win the larger political struggle to access encrypted devices.