Kicking off 2020, security and privacy is a hot topic between the latest standoff between Apple and the FBI over the Pensacola incident as well as Apple reportedly abandoning its plan to bring end-to-end encryption to iCloud backups. With an in-depth report on what a robust iPhone cracking operation looks like from the inside, Fast Company shares some fascinating details and photos of NYC’s $10 million cyber lab.
Fast Company calls New York City’s High Technology Analysis Unit lab “ground zero in the encryption battle” between US government and tech companies like Apple. And it goes way beyond some third-party devices made by companies like Cellebrite or Grayshift.
The lab has been built by Manhattan’s cybercrime unit and district attorney Cyrus Vance Jr. and it includes an RF isolation chamber to give them the best chance of cracking iPhones and iPads before alleged criminals can erase them remotely.
The entrance to the radiofrequency isolation chamber, near the middle of the Lefkowitz Building in lower Manhattan, looks like an artifact from the Apollo program, shielded by two airtight, metallic doors that are specially designed to block electromagnetic waves. Inside the room, against one wall, are dozens of Apple iPhones and iPads in various states of disrepair. Some have cracked glass fronts or broken cases. Others look like they’ve been fished out of a smoldering campfire. Of course, the devices are not there to be fixed. They are evidence confiscated during the commission of alleged crimes.
The district attorney of Manhattan, Cyrus Vance Jr., and the city’s cybercrime unit have built this electronic prison for a very specific purpose: to try, using brute force algorithms, to extract the data on the phones before their owners try to wipe the contents remotely.
The report highlights “nearly 3,000 phones” waiting to be cracked at the lab when Fast Company visited. The High Technology Analysis Unit’s director, Steven Moran says they have created a special, custom process with open source software to deal with the amount of devices they get and to know what third-party vendors to work with for cracking iPhones.
On the day I visited the cyber lab, there were nearly 3,000 phones, most related to active criminal investigations, that Moran had not yet been able to access. The team has built a proprietary workflow management program, using open source software, to triage the incredible volume of incoming devices and to escalate the most important cases. “So if a third party were to say ‘hey, we have a solution that will work on iOS 12.1.2 and it costs X amount of dollars,’ I can see within five seconds that that’s going to affect 16 different phones,” Moran says.
After the San Bernardino case, Manhattan district attorney Cyrus Vance Jr. said they decided to build out the high tech lab.
“We had to figure out what we were going to do with this new situation over which we had no control,” Vance says. So at a cost of some $10 million, Vance decided to build his own high-tech forensics lab—the first of its kind within a local prosecutor’s office.
With that budget, the High Technology Analysis Unit’s director, Steven Moran got some seriously powerful hardware, custom software, and a team of security experts.
The lab’s supercomputer is able to create up to 26 million passcode guesses a second and there’s a “robot that can remove a memory chip without using heat.”
Moran stocked the cyberlab with mind-bending hardware and a crack team of technology experts, many of whom are ex-military. Proprietary software provides prosecutors with real-time information about each smartphone in their possession, which can be removed from the radiofrequency-shielded room using Ramsey boxes—miniaturized versions of the isolation chamber that allow technicians to manipulate the devices safely. In other corners of the lab are a supercomputer that can generate 26 million random passcodes per second, a robot that can remove a memory chip without using heat, and specialized tools that can repair even severely damaged devices.
Another interesting statistic, 4 out of 5 smartphones that the DA’s office in Manhattan get are now locked, when five years ago, only 52% were.
Five years ago, only 52% of the smartphones that the District Attorney’s office obtained were locked. Today, that figure is 82%. Vance says the cybercrime lab is able to successfully crack about half of the phones in his possession, but whenever Apple or Google update their software, they have to adapt.
The Manhattan DA is also aware that the lab he’s been able to create isn’t a possibility for most cities and highlights his belief that it’s not the answer.
Vance is careful to say that he’s not “whining” about the problem. He knows he is better off than 99% of the other jurisdictions in the country. Thanks in part to the billions of dollars the city has collected from prosecuting financial crimes on Wall Street, Vance is able to continue operating his $10 million lab. “But it’s not the answer,” he says, “and it’s not the answer for the country because we are an office that is uniquely able to pay for expensive services.”
In the end, Vance just wants prosecutors to have all the tools available to do their jobs. “You entrust us with this responsibility to protect the public,” he says. “At the same time, they”—Apple and Google— “have taken away one of our best sources of information. Just because they say so. It’s not that some third party has decided, this is the right thing for Apple and Google to do. They just have done it.”
But of course, Apple is likely to change its position or focus on iPhone security and privacy, so the cat and mouse game will continue on.
The full Fast Company piece on Manhattan’s high tech iPhone cracking lab is definitely worth a read.
Images via Fast Company
FTC: We use income earning auto affiliate links. More.