iSpy: How the CIA Targeted Apple

New reporting by The Intercept published Tuesday reveals a years-long effort by the Central Intelligence Agency, alongside partners both inside and outside of government, to crack the digital security systems of the Apple’s signature iPhone and iPad products.

Citing top-secret documents leaked to journalists by Edward Snowden, the latest reporting by Jeremy Scahill and Josh Begley reveals the determination of researchers working for the U.S. spy agency to break through Apple’s encryption system for its widely used portable devices, both of which operate on the company’s iOS operating platform.

According to Scahill and Begley:

The security researchers presented their latest tactics and achievements at a secret annual gathering, called the “Jamboree,” where attendees discussed strategies for exploiting security flaws in household and commercial electronics. The conferences have spanned nearly a decade, with the first CIA-sponsored meeting taking place a year before the first iPhone was released.

By targeting essential security keys used to encrypt data stored on Apple’s devices, the researchers have sought to thwart the company’s attempts to provide mobile security to hundreds of millions of Apple customers across the globe. Studying both “physical” and “non-invasive” techniques, U.S. government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption.

In addition, the report makes reference to attempts by CIA operatives to create a “modified version” of Apple’s proprietary app development software, called Xcode, upon which outside app developers can create new tools for both iPhone and iPad. The reporting says it remains unclear how unwitting developers might be tricked into using the altered version—one researcher quoted in the document described this process as “whacking” the code—but according to the documents, if installed, a backdoor service in the code would “force all iOS applications to send embedded data to a listening post.”

In addition, the CIA researchers claimed the software, could perform these functions as well:

• “Entice” all Mac applications to create a “remote backdoor” allowing undetected access to an Apple computer.
• Secretly embed an app developer’s private key into all iOS applications. (This could potentially allow spies to impersonate the targeted developer.)
• Disable core security features on Apple devices.

Scahill and Begley point out that Apple is among the tech companies that has most consistently and publicly resisted the government’s efforts to exploit the encryption of private computer systems and personal devices.

“Perhaps more than any other corporate leader,” they write, “Apple’s CEO, Tim Cook, has taken a stand for privacy as a core value, while sharply criticizing the actions of U.S. law enforcement and intelligence agencies.”

The new reporting also makes clear that private defense contractors are playing an outsized role in providing research and other assistance to government agencies in developing and executing these clandestine programs. For this program aimed at Apple’s encryption, weapons and aerospace giant Lockheed Martin is singled out as a significant player, which owns the Sandia Lab that hosted the Apple hacking “jamboree” and whose researchers apparently contributed to the program.

“Lockheed Martin’s role in these activities should not be surprising given its leading role in the national surveillance state,” William Hartung, director of the Arms and Security Project at the Center for International Policy and author of Prophets of War, told The Intercept. “It is the largest private intelligence contractor in the world, and it has worked on past surveillance programs for the Pentagon, the CIA and the NSA. If you’re looking for a candidate for Big Brother, Lockheed Martin fits the bill.”

Though Scahill and Begley acknowledge the documents “do not address how successful the targeting of Apple’s encryption mechanisms have been nor do they provide any detail about the specific use of such exploits,” the existence of these efforts, they argue, does reveal the “ongoing campaign aimed at defeating the tech giant’s efforts to secure its products, and in turn, its customers’ private data.”

Read the full article here. And the documents themselves can be viewed here.