An Israel-U.S. Merger Creates An Apple Hacking Powerhouse For The Feds

An Israel-U.S. Merger Creates An Apple Hacking Powerhouse For The Feds

US Attorney General William Barr on Apple Pensacola situation

U.S. Attorney General William Barr is engaging in a new war of words with Apple, as it seeks access … [+]OSCAR RIVERA/AFP VIA GETTY IMAGES

By: Thomas Brewster

Associate editor at Forbes, covering cybercrime, privacy, security and surveillance.

As Attorney General William Barr criticizes Apple for not helping the FBI unlock iPhones of the Pensacola Navy base shooter, a merger between two digital forensics providers promises to create a one-stop-shop for the feds’ Apple hacking needs.

Cellebrite, the world’s biggest computer and smartphone forensics provider, has bought U.S.-based BlackBag Technologies. Though it has the ability to extract data from Windows, iOS and Android, it’s one of the go-to providers of Apple Mac hacking tools, in particular its MacQuisition software.

Cellebrite, meanwhile, has built a name on being able to break into Androids and iPhones for law enforcement and intelligence agencies. BlackBag also has a partnership with Grayshift, the U.S.-based company whose GrayKey can break into many versions of Apple’s famous smartphone, which could bring three of the leading companies in the sector together.

Grayshift has been a major rival to Cellebrite since Forbes revealed the existence of the GrayKey maker in 2018. Cellebrite hasn’t responded to questions about how the merger would affect BlackBag’s relationship with Grayshift. Financial details of the acquisition were not disclosed, but reports claimed the deal is worth $33 million.

Major U.S. federal and local policing agencies, including the FBI, ICE and the Secret Service, use technologies from all three. Cellebrite and Grayshift even signed contracts with the Executive Office of the White House in 2019, according to contracts unearthed by Forbes. The reasons for Trump’s purchases of those technologies has not yet been revealed.

Forbes has reported on GrayShift and Cellebrite capabilities to break into many versions of the iPhone, including the 5 and 7 models that the Wall Street Journal reported the Pensacola shooter used. It may be that an iOS update has hindered the feds, however.

Grayshift's GrayKey brochure 2018

GrayKey iPhone and iPad device support

FORBES MAGAZINE

As Forbes recently reported, last year government officials in Ohio used a GrayKey to get access to data on an iPhone 11 Pro Max, Apple’s most recent iPhone release, though it’s unclear if they needed to break the passcode with Grayshift’s device.

FBI v. Apple back on

The acquisition lands as the FBI is seeking help from Apple to break into two iPhones belonging to Mohammed Saeed Alshamrani. The Saudi Royal Airforce officer shot dead three people at Naval Air Station Pensacola before being shot and killed by police in December.

Attorney General Barr said Apple had provided no “substantive” help in the case thus far, though Apple said it’s already handed over iCloud and other data it holds on Alshamrani. As previously reported, the matter has been complicated in that one of the phones was reportedly damaged by a bullet during the incident.

The last time the FBI demanded Apple help unlock phones occurred in 2016 when feds wanted access to the iPhone 5C of the San Bernardino shooter. Apple refused to help, but the feds got into the phone anyway with the help of a third party. Cellebrite was rumoured to have been that third party, though this was later reported false, and the name of the contractor has not yet been disclosed.

The government claims to have already tried tools from contractors, but they are yet to work.

DFC Main Logo

Digital Forensic Community