Apple, FBI put Cellebrite in the spotlight

A renewed race over security pits tech giants against the private cybersecurity firm believed to have helped the FBI unlock the iPhone used by one of the San Bernardino, California shooters.
A renewed race over security pits tech giants against the private cybersecurity firm believed to have helped the FBI unlock the iPhone used by one of the San Bernardino, California shooters.

The tentative naming of the Israeli firm Cellebrite as the muscle behind the FBI's ability to hack into the iPhone used by San Bernardino, Calif. shooter Syed Farook without assistance from Apple, has brought this little known company into the spotlight.

The mobile forensics company Cellebrite has been around for 16 years and has supplied the mobile phone industry with a string of products. However, the firm has also flexed its phone hacking chops. Dutch police documents credit Cellebrite software for cracking Blackberry's encryption, a report that Blackberry denies. In addition, Cellebrite has a previous connection with the FBI.

For the iPhone, Cellebrite presumably “captured the NAND memory of the phone and ran an offline attack,” wrote Oliver Lavery, director of research at IMMUNIO, in an email to SCMagazine.com. “The addition of the Secure Enclave in newer iPhones was likely intended to address this kind of well-known attack.”

Assuming that Cellebrite was involved in unlocking the device, how prepared is the firm for a repeat performance, in light of technology companies' emboldened commitment to information security?

The company, founded in 1999 – a year after Google – is certainly a leader in the space. Founded by Yossi Carmil and Ron Serber, Cellebrite initially offered Universal Memory Exchanger (UME), a simple commercial product that enabled cell phone companies to transfer data from one phone to another. These devices are used in many mobile providers' retail locations and are still available in some Apple stores.

The company eventually expanded its offerings beyond UME devices. In 2007, Cellebrite announced its line of mobile forensics tools, called Universal Forensic Extraction Devices (UFED). The same year, the firm was acquired by Sunnyvale, Calif.-based FutureDial and Sun Corporation (Sun Corporation is a FutureDial investor),. Cellebrite is now a subsidiary of the publicly traded Japanese company Sun Corporation.

In August 2013, the FBI awarded a sole-source basis, a fixed price contract, to Cellebrite's U.S. subsidiary. According to the contract notice, Cellebrite would provide two UFED Touch Ultimate Logical and Physical Mobile Forensic Solution Kits to the FBI for forensic casework. Cellebrite also started to provide device forensics training and UFED certification in 2013. A year later, the firm announced a diagnostic tool used to repair smartphones remotely.

Cellebrite now employs between 200-500 individuals worldwide, according to LinkedIn data. The company advertises an ability to bypass Apple's updated software, and its commercial software works on operating systems that include iOS 8 and earlier versions.

The publicity that Cellebrite received when the FBI announced that an outside party had successfully hacked into the iPhone without Apple's assistance now forces technology companies to up their game in securing devices and services provided to customers. The unfolding race will pit tech giants like Facebook, Google and Microsoft against the private cybersecurity firm that helped hack the iPhone used by Farook.

The details of this race are not likely to be known for a long time. In the meantime, the developments do not bode well for the FBI, considering that the agency continues to face a significant shortage of cyber professionals.

The FBI has repeatedly sought to recruit cyber talent, most recently at the RSA Conference in San Francisco earlier this month, as have other government departments and intelligence agencies. At the recent conference, the FBI occupied an oversized booth, where it attempted to woo potential recruits. No less a pitchman than President Obama has attempted to recruit cyber talent to the public sector.

In speaking with SCMagazine.com, Check Point President Amnon Bar Lev, said governments “do not have the capabilities” of the commercial sector in addressing cyber challenges. The result: the outside party that helped the FBI to break into the device and others like it will face an increasingly difficult task as the private sector races to build technologies that are impossible for governments to access.

The FBI doesn't only require assistance from the private sector in hacking into locked iPhones. Last week, the agency sent an urgent memo to U.S. businesses asking for assistance protecting against Samas ransomware, also known as MSIL or Samsam.

In the meantime, the Justice Department has not yet announced whether it will continue to request that Apple unlock an iPhone 5s belonging to drug dealer Jun Feng, who had entered a guilty plea in a Brooklyn drug case. The DoJ has at least 63 confirmed cases in which the agency is using the All Writs Act to request assistance from Apple or Google to retrieve data from mobile devices, according to information compiled by the ACLU. If the DoJ withdraws these requests, Cellebrite and forensics firms like it will see a lot of business in the years ahead.

You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS