When the US government wanted to breakk to a dead terrorist’s iPhone several years ago, they approached a little known cybersecurity launch in Australia to help them do so, a Washington Post investigation has revealed. Sydney-based Azimuth Security specializes in providing “best technical services” to clients, according to its website.
These services allowed the FBI to unlock the cell phone of Syed Rizwan Farook, who along with his wife Tashfeen Malik shot and killed 14 people in Southern California during the so-called “San Bernardino terrorist attack“In 2015. At that time, of course, the government wanted to know if the couple had ties to foreign extremist groups, and the killer’s phone data was considered a natural way to find out.
So the government paid Azimuth about $ 900,000 to help them literally crack the case. The company’s contract with the government was revealed by Posten on Wednesday and confirmed by further reporting from motherboard. The news solves a year-long mystery about the identity of the hackers, which similarly has been a well-kept government secret until now.
Although Azimuth is based in Australia, it is actually owned by L3 technologies, a major U.S. defense contractor that offers a variety of defense and intelligence services to major federal agencies such as the Pentagon and the Department of Homeland Security.
According to the Post, it was one of the company’s former researchers, iOS cracking “specialist” David Wang, who helped develop a one-time use chain to break into Farook’s phone. Named “Condor”, the exploit was tested several times at the FBI’s headquarters to ensure that it could securely penetrate the phone’s systems without damaging data. Later, the feds would use it to break into the unit successfully and find that the couple, contrary to their suspicion, had no ties to foreign terrorist networks. (Interestingly, Wang is now being sued by Apple in a seemingly unrelated case, according to the Post.)
The San Bernardino iPhone case sparked what became known as the new “Crypto War” – a battle between Apple and the federal government over encrypted technology. Before it actually cracked the phone, the federal government essentially tried to bully Apple into decrypting its own product – with the FBI suing the phone maker for access in 2016. The technology giant refused, and the lawsuit was then dropped.
At the time, critics argued – and were later proven correct – that the feud was not really about technical access to the phone. Instead, the feds just tried to do it set a legal precedent enabling them to encourage the private sector to decrypt products for them in the future or install backdoors in encrypted technology. In fact, a 2018 Ministry of Justice the inspector’s report showed that the FBI did not really try so hard to find other options before consolidating its lawsuit against Apple. It would just force the technology company to do its job for it.
Writing in 2018, the privacy-centric Electronic Frontier Foundation commented that:
“From the start, we suspected that the FBI’s primary goal in its quest to gain access to an iPhone found in the wake of the December 2015 mass shootings in San Bernardino was not just to unlock that device. Rather, we believed that the FBI intended to obtain a legal precedent in the lawsuit for forcing Apple to sabotage its own security mechanisms. ”
If anything, the new details of the case only confirm the idea that the federal government already has more than enough tools to break into any entity in the country, if it so chooses. As Azimuth’s existence proves, there is actually a thriving market dedicated to selling this access to the police. Giving the government an expanded legal authority to force companies to backdoor their own products seems good, sort of lazy, frankly speaking. As long as they are the top police authority in the country, we might as well expect the FBI to carry out the work of the police itself.