The CIA Campaign to Steal Apple’s Secrets, Revealed by The Intercept

NEW YORK--()--The Intercept today released “The CIA Campaign to Steal Apple’s Secrets,” by journalists Jeremy Scahill and Josh Begley, showing that researchers working with the Central Intelligence Agency have conducted a multi-year, sustained effort to break the security of Apple’s (NASDAQ:AAPL) iPhones and iPads.

The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.

By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers have sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.

The revelations that the CIA has waged a secret campaign to defeat the security mechanisms built into Apple’s devices come as Apple and other tech giants are loudly resisting pressure from senior U.S. and U.K. government officials to weaken the security of their products. Law enforcement agencies want the companies to maintain the government’s ability to bypass security tools built into wireless devices.

Under current U.S. regulations, law enforcement agencies can get a court order to access communications channeled through major tech companies and wireless providers. But if those communications are encrypted through a process not accessible by any involved company, the data is essentially meaningless, garbled gibberish. “In a world in which data is encrypted, and the providers don’t have the keys, suddenly, there is no one to go to when they have a warrant,” says Christopher Soghoian, the principal technologist at the American Civil Liberties Union. “That is, even if they get a court order, it doesn’t help them. That is what is freaking them out.”

The U.S. government is certainly not alone in the war against secure communications. British Prime Minister David Cameron has suggested that if he is re-elected, he may seek to ban encrypted chat programs that do not provide backdoor access to law enforcement. “Are we going to allow a means of communications which it simply isn’t possible to read?” Cameron said in a speech in England earlier this year. “My answer to that question is: ‘No, we must not.’”

When the Chinese government recently tried to force tech companies to install a backdoor in their products for use by Chinese intelligence agencies, the U.S. government denounced China. “This is something that I’ve raised directly with President Xi,” President Obama said in early March. “We have made it very clear to them that this is something they are going to have to change if they are to do business with the United States.” But China was actually following the U.S. government’s lead. The FBI has called for an expansion of U.S. law, which would require Apple and its competitors to design their products so that all communications could be made available to government agencies. NSA officials have expressed similar sentiments.

Security experts interviewed by The Intercept point out that the SMURF capabilities were already available to U.S. and British intelligence agencies five years ago. That raises the question of how advanced the current capacity to surveil smartphone users is, especially in light of the extensive resources poured into targeting the products of major tech companies. One GCHQ slide from 2010 stated that the agency’s ultimate goal was to be able to “Exploit any phone, anywhere, any time.”

About the Intercept

The Intercept, a publication of First Look Media, was created by Glenn Greenwald, Laura Poitras, and Jeremy Scahill. To learn more visit https://theintercept.org.

Contacts

for The Intercept
Andy Stepanian, 631-291-3010
andy@fitzgibbonmedia.com
or
Christina DiPasquale, 202-716-1953
christina@fitzgibbonmedia.com

Contacts

for The Intercept
Andy Stepanian, 631-291-3010
andy@fitzgibbonmedia.com
or
Christina DiPasquale, 202-716-1953
christina@fitzgibbonmedia.com