The FBI’s race to hack into the cellphone of slain San Bernardino shooter Syed Rizwan Farook was hindered by poor internal communication, but officials did not mislead Congress about their technological capabilities, according to an inspector general’s report released Tuesday.
After the December 2015 terror attack, the FBI waged a high-profile public fight to force Apple Inc. to unlock the iPhone, even going to court in a case that pitted national security against digital privacy.
The watchdog report opens a window into the shadowy units inside the FBI that try to hack into computers, and the internal tensions between technicians engaged in national security investigations and those working on criminal cases.
One official was unhappy after the bureau hired an outside technology company to help it unlock the phone, the report said, because that undercut the legal battle against Apple.
“Why did you do that for?” the report quotes the official as saying.
More than two years after the struggle over Farook’s phone, the FBI says the problem of encrypted devices is more difficult than ever. The method used to hack Farook’s iPhone 5c — which cost the FBI more than $1 million — quit working as soon as Apple updated the phones.
In 2017, the FBI was unable to access data on 7,775 devices seized in investigations, according to director Christopher Wray.
“This problem impacts our investigations across the board,” Wray said in January at a speech at a cybersecurity conference, calling it “an urgent public safety issue.”
On Dec. 2, 2015, Farook, a health department worker for San Bernardino County, and his wife, Tashfeen Malik, attacked a holiday party for Farook’s co-workers, killing 14 people and injuring many others. The couple was killed in a shootout with police.
The FBI, trying to figure out whether anyone else was involved in the plot, thought that Farook’s county government-issued cellphone might have the answer. In February, the bureau announced that its technicians were unable to get into the iPhone, which they feared had been set up with a security feature by Farook that would permanently destroy encrypted data after 10 unsuccessful login attempts.
The bureau asked Apple to write software that would disarm that security feature, allowing agents to keep trying codes until one worked, but the company refused. Tim Cook, the company’s CEO, said such a backdoor could compromise security for Apple customers.
“[T]he U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create,” he said in a statement at the time.
The dispute ended up in federal court, as the government sought an order forcing Apple to comply.
Then-FBI Director James B. Comey, in testimony to Congress on Feb. 9 and March 1, 2016, said the bureau was unable to get into the phone without Apple’s help. Amy Hess, then the FBI’s executive assistant director in charge of the technology division, said the same thing in her testimony.
But inside the bureau, even though top officials had ordered a “full court press,” not everybody was working on the problem, the inspector general found.
The digital forensic experts at the bureau’s Cryptographic and Electronic Analysis Unit had tried and failed to get into the phone. But the leader of another squad, the Remote Operations Unit, said he never learned about the issue until a staff meeting in February. He started contacting the unit’s stable of hackers to see whether anybody had a solution.
That supervisor said he believed he wasn’t asked for help sooner because the FBI had “a line in the sand” that blocked the unit’s classified hacking techniques from being used in domestic criminal cases.
“He said this dividing line between criminal and national security became part of the culture in [the technology division] and inhibited communication,” the report says. Other officials told the inspector general that no such line existed.
As it happened, the report found, one of the bureau’s hacking outfits had been working on cracking the iPhone for months and was close to a solution.
The FBI called off the court fight on March 28, saying it no longer needed Apple’s help.
The FBI eventually found that Farook’s phone had information only about work and revealed nothing about the plot.
After the outside vendor surfaced, the cryptographic unit chief “became frustrated that the case against Apple could no longer go forward,” the report says. Hess said the bureau had viewed the Farook phone as “the poster child case” that could help it win the larger political struggle to access encrypted devices.
The inspector general’s inquiry began after Hess reported concerns about the internal conflicts and said she was worried that FBI staff had deliberately kept quiet about their capabilities and allowed Comey and her to give false testimony to Congress.
That wasn’t the case, the inspector general found, because the bureau hadn’t figured out how to crack the phone at the time of those hearings. Through a spokesman, Hess, now special agent in charge of the FBI’s Louisville office, declined to comment.
The FBI said it agreed with the recommendations in the report and said it is now setting up a new unit to consolidate resources and improve communication between people working on encryption issues. Communications problems also were addressed through “a change in leadership” of the units involved, the bureau said.