The CIA Has Been Hacking iOS for Years: Report
03/12/15 2:09 PM PT
The United States’ Central Intelligence Agency for years has been working to break iOS security, according to a report published Tuesday in The Intercept.
The allegations are based on documents provided by NSA whistle-blower Edward Snowden.
Researchers working with the CIA have presented their tactics and achievements at Trusted Computing Base Jamborees, secret annual gatherings that have been going on for nearly a decade.
They have been using both physical and noninvasive techniques to penetrate Apple’s encrypted firmware — possibly to plant malicious code on Apple devices, as well as to seek out potential vulnerabilities in them.
“If you crack Apple, then you have the ability to get inside the phones of a major portion of the market,” said Eric Cowperthwaite, vice president for advanced security and strategy at Core Security.
Factor in that iOS is “generally considered to be the most secure smartphone operating system,” and iOS is a “very attractive, very large target,” he told TechNewsWorld.
“In the long run, this stuff we see happening with the CIA, NSA, Chinese security agencies and many others polluting the security of these various ecosystems is really bad for trust and for security,” Cowperthwaite added.
The Xcode Factor
The CIA researchers apparently have created a modified version of Apple’s Xcode integrated development environment that lets users sneak surveillance backdoors into apps or programs developed for iOS and OS X.
However, it’s not clear how devs will be lured into using the tainted version of Xcode.
The researchers also have modified the OS X updater to install a keylogger, according to the report.
Microsoft’s BitLocker full disk encryption system has been targeted as well.
Private-Public Sector Cooperation
Sandia National Laboratories researchers are among those who have presented work on cracking Apple security at the jamborees, which are sponsored by the CIA’s Information Operations Center. The center reportedly conducts covert cyberattacks against targets.
NSA personnel participated in at least the 2012 Jamboree, which was held at a facility in northern Virginia belonging to defense contractor Lockheed Martin, according to the leaked information. Sandia is a wholly owned Lockheed subsidiary.
“The use of overt cybersnooping and forced intellectual property disgorgement as an impediment to foreign trade is a unique and innovative strategy, certain to provoke negative responses from companies and governments alike,” said Philip Lieberman, president of Lieberman Software.
Your Tax Dollars at Work
The CIA’s activities are part of a secret U.S. government program — included in the 2013 Congressional Budget Justification — whose goal is to break the authentication and encryption of communications products, according to The Intercept.
Both iOS and iCloud have been hacked repeatedly.
iOS hacker Jonathan Zdziarski last year unveiled a host of iOS vulnerabilities at the HOPE X hackers’ conference in New York. They included undocumented services that bypassed backup encryption.
Why has the CIA been investing in crypto research instead of just leveraging the attacks published on the Web?
“Intelligence-gathering techniques require the evaluation and use of all types of methods and means to achieve the best information quickly and at the lowest possible cost,” Lieberman told TechNewsWorld. “Even the government is concerned with ROI.”
No Impact on Enterprise Mobility
Should enterprises be concerned?
“Most enterprises won’t be resilient against a nation-state or intelligence community adversary, nor do they really need to be worried about nation-states,” Veracode VP of Security Research Chris Eng told TechNewsWorld.
On the other hand, “How will CISOs secure systems when they don’t know what’s been polluted by government agencies?” asked Core Security’s Cowperthwaite.
What Should Apple Do?
“The ball’s in Apple’s court now,” said Jon Rudolph, principal software engineer at Core Security.
“They have to decide if they are going to sell a product that is CIA-proof — I’d buy two — or make it even easier for the removal of the last drop of my personal data, as was indicated last year,” he told TechNewsWorld.
Apple has to consider the balance between privacy and national defense, remarked Lieberman. “There is no clear or right path — only a daily need to keep every stakeholder equally dissatisfied with privacy and national security needs.”