Connect with us

Hi, what are you looking for?



FBI Can Keep Details of iPhone Hack Secret: Judge

A federal judge ruled last week that the U.S. Federal Bureau of Investigation (FBI) is not obligated to disclose the details of a hacking tool used to access data stored on an iPhone belonging to the man behind the 2015 mass shooting in San Bernardino, California.

A federal judge ruled last week that the U.S. Federal Bureau of Investigation (FBI) is not obligated to disclose the details of a hacking tool used to access data stored on an iPhone belonging to the man behind the 2015 mass shooting in San Bernardino, California.

USA Today, The Associated Press and Vice Media filed Freedom of Information Act (FOIA) requests in an effort to find out who helped the law enforcement agency hack the iPhone and how much it cost. The FBI refused to provide the information and a judge has agreed with the agency.

The FBI has managed to convince United States District Court Judge Tanya Chutkan that it should not be forced to disclose the information due to national security concerns.

The agency argued that releasing the vendor’s identity could allow adversaries to study that company’s publicly available products in an effort to find weaknesses and create better encryption technology that would prevent future attempts to use the iPhone hacking tool.

The FBI is also concerned that releasing the vendor’s name would subject the company to cyberattacks.

“Since the vendor is not as well equipped to guard against these types of attacks as is the FBI, revealing the vendor’s identity ‘risks disclosure, exploitation, and circumvention of a classified intelligence source and method’,” Judge Chutkan said in her ruling.

As for the price of hacking the San Bernardino terrorist’s iPhone, statements made by James Comey, former director of the FBI, and U.S. Senator Dianne Feinstein suggest that the agency paid roughly $1 million to have the phone unlocked.

Advertisement. Scroll to continue reading.

However, the FBI did not want to disclose the exact amount, arguing that “revealing the price paid for the tool would allow adversaries to determine its usefulness and assess its nature, and would reveal where the FBI concentrates its resources in national security investigations.”

“Releasing the purchase price would designate a finite value for the technology and help adversaries determine whether the FBI can broadly utilize the technology to access their encrypted devices,” the judge said.

Hacking the iPhone of the San Bernardino shooter

In December 2015, Syed Rizwan Farook and his wife, Tashfeen Malik, killed 14 people in a mass shooting in San Bernardino, California. The attackers were later killed in a shootout with police.

Investigators believed at the time that Farook’s work-issued iPhone 5c could contain important evidence, but they could not access the data stored on it because the device was protected by a passcode and the security mechanisms implemented by Apple prevented brute-force attacks.

The FBI tried to convince a judge to force Apple to create a backdoor to the iPhone, but the tech giant refused, arguing that it would create a dangerous precedent. In the end, the law enforcement agency managed to hack Farook’s iPhone with the help of an unidentified “outside party.”

While the FBI reportedly paid roughly $1 million for the tool, which is said to work only for an iPhone 5c running iOS 9, experts later demonstrated that it could have been done via a relatively inexpensive hardware hacking technique called NAND mirroring, which the FBI dismissed in the early stages of the investigation.

Activists asked the FBI to disclose the methods used to crack the phone, but the agency said it had not obtained technical information on how the attack worked or what vulnerabilities it exploited.

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...