The FBI has been trying to hack into the iPhone used by the San Bernardino shooter for months. But this week, when the Justice Department suddenly announced that a mysterious "outside party" was helping investigators access the data, security experts wondered who might be capable of cracking Apple's encryption.

Now, all eyes are on an Israeli cybersecurity company whose past connections and recent movements suggest it may be the FBI's white knight.

Israeli newspaper Yedioth Aharonot reported Wednesday that the unidentified party is Cellebrite, based just outside Tel Aviv. But the FBI and Cellebrite have refused to confirm any relationship. And on Thursday, unnamed law enforcement officials speaking on background to USA Today squashed reports of a partnership.

Mashable has learned, however, that the company's executive vice president for mobile forensics, Leeor Ben-Peretz, spent the last few days in the United States. According to a person who recently worked with the company and who spoke on condition of anonymity, Ben-Peretz is Cellebrite's top executive who would demonstrate its forensics capabilities.

On Thursday evening, Ben-Peretz landed back at Israel's Ben Gurion Airport. He was surprised — and not very happy — to receive a phone call from me. "Did you demonstrate Cellebrite's capabilities to the FBI?" I asked.

"What I did in the U.S. is my own business," he replied. "I will not comment on this. ... I can’t add any more details on this issue."

Cellebrite co-CEO Yossi Carmil also declined to comment on Thursday.

If Cellebrite can help the FBI get past the passcode lock on the iPhone in question, it would be a stunning reversal in a case that had Apple and the U.S. government preparing for an epic court battle.

The FBI wanted a federal court to compel Apple to help it retrieve information from the iPhone, which was used by Syed Farook, who together with his wife killed 14 people and wounded 22 others in the San Bernardino, California, shootings last December. But on Monday, one day before a scheduled hearing in the case, the Justice Department said it might not need Apple's help after all.

"As a result of the worldwide publicity and attention on this case, others outside the U.S. government have continued to contact the U.S. government offering avenues of possible research," prosecutors told the court. "On Sunday, March 20, 2016, an outside party demonstrated to the FBI a possible method for unlocking Farook’s iPhone."

A collaboration between Cellebrite and the FBI shouldn't come as a surprise and certainly wouldn't be a first. Court records from recent years reveal that Cellebrite has worked with the FBI and with other U.S. agencies in a number of cases.

In 2014, for example, a federal court of appeals in New York considered testimony from an FBI agent who had used Cellebrite technology in a crack cocaine case. Special Agent Stephen Tortorella testified that "he used a device called the 'Cellebrite Universal Forensic Extraction Device' to download and review the contents of two cellular phones."

"Tortorella explained his training in the use of Cellebrite technology to retrieve text messages and other data from a cellular phone," the court wrote, adding that he "described how he used Cellebrite to do so in this case."

A 2013 case in federal district court in South Dakota dealt with a BlackBerry that had been confiscated during a child prostitution sting, which was accessed by Agent Craig Scherer of the Department of Homeland Security.

"The machine used to download the data from the BlackBerry was the 'Cellebrite,'" according to court documents. "Scherer selected the types of data he wished to extract. Scherer connected the BlackBerry to the Cellebrite and it transferred the contents including: contacts, text messages, emails, recent calls, pictures, and videos."

The use of Cellebrite technology by law enforcement agencies is not unique to the United States. Court records from Israel also mention use of the company’s products during a military police investigation. And Carmil, the co-CEO, told Israel's TheMarker newspaper in 2013 that UK police had used Cellebrite products to track down violent demonstrators after riots in London two years prior.

Cellebrite was established in Israel in 1999 with a $25,000 investment. Those were the days before people backed up data in the cloud, and the product Cellebrite developed enabled the transfer of data and contacts from one phone to another.

According to the person who worked with the company, Cellebrite then realized it could be extracting much more data from the phones — and started developing its current capabilities.

In 2007 the company was purchased by Japan's Suncorporation. Cellebrite's headquarters is still in Israel, but it owns subsidiaries in the U.S., Germany, Singapore and Brazil.

Cellebrite is known as a leader in its field in Israel. Its website says that by using its products, "decoding and analysis can be performed on locked iOS devices with a simple or complex passcode."

Cellebrite has a secured section at its Israel headquarters where it keeps thousands of phones, according to the person familiar with the company. Phone manufacturers themselves send Cellebrite devices so that Cellebrite can develop systems to fix those phones, or to help users transfer data between phones. "They get them as a prototype from the manufacturer before their release in order to deep-analyze them," the person said. "Later, the manufacturers' labs will use Cellebrite machines to fix such phones from a distance, in a minimum amount of time."

Apple uses Cellebrite devices in some of its own stores, according to The Associated Press.

The machine Cellebrite sells to law enforcement agencies looks like a suitcase belonging to James Bond, with a black box inside. That box comes with dozens of connectors for any existing phone. "You connect the phone to the box from one end and your laptop to the other end, and then you can see what's inside the phone," the person said. "You can also see a map of connections. For example, if you hacked a phone of a terrorist in London and then of a terrorist in New York, you can see if they communicated."

If Cellebrite is indeed helping the FBI in the San Bernardino case, it's not clear whether it is putting its existing technology to use or developing a new way to bypass the iPhone's security.

Not all security experts are convinced that Cellebrite is the FBI's "outside party."

"My guess is that it's not them," wrote security blogger Bruce Schneier. "They have an existing and ongoing relationship with the FBI. If they could crack the phone, they would have done it months ago."

There's also been speculation that this is all just one big publicity stunt for Cellebrite.

But as Jonathan Zdziarski, another security blogger, pointed out, other firms in the business have already come out and stated that they are not involved in the San Bernardino case.

While Cellebrite hasn't confirmed anything, they've also refused to deny it.

Have something to add to this story? Share it in the comments.

Source:
courtesy of MASHABLE

by Uri Blau, MASHABLE

If you have any stories or news that you would like to share with the global online community, please feel free to share it with us by contacting us directly at [email protected]