
The FBI Has New Hacking Powers 2023

This article is about “The FBI Has New Hacking Powers”. We will discuss each aspect of this topic below.

Introduction about The FBI Has New Hacking Powers:

In April 2016, the US Supreme Court approved a revised version of Rule 41 of the Federal Rules of Criminal Procedure. These amendments empower US judges to issue search warrants that allow US law enforcement to remotely search computers located in any jurisdiction.

According to Google and the American Civil Liberties Union (ACLU), the approved rule may allow the US Federal Bureau of Investigation (FBI) to conduct mass computer hacking. Senator Ron Wyden of Oregon believes such hacks will target not only the computers of criminal suspects, but also the computers of victims of cybercrime.

The purpose of this article is to examine the implications of the expanded hacking powers (Section 2) and to discuss the new hacking powers in the context of the FBI’s history of hacking (Section 3). Finally, a conclusion is drawn (Section 4).

Implications of Extended Hacking Powers


Because amended Rule 41 does not define the term “remote search,” it can be interpreted to permit all types of hacking of computers owned by US and non-US residents. So the approved rule may usher in an era of “mass hacking.”

Although the FBI had already demonstrated its mass hacking capabilities (see Section 3 of this article), it was severely limited by Rule 41. To illustrate, some of the evidence the FBI collected from the deployment of malware on at least a thousand computers during “Operation Pacifier” was not accepted by US courts. That’s because the evidence was collected in violation of Rule 41.

What also makes “Operation Pacifier” interesting from a privacy perspective is the fact that the FBI hacked computers in Denmark, Greece and Chile during the operation.

It should be noted that under the new version of Rule 41, the FBI may be authorized to hack not only the computers of criminals, but also the computers of victims of information security attacks. For example, the FBI may be authorized to hack all 1.9 million computers that were controlled by ZeroAccess, one of the latest botnets. The term “botnet” refers to a group of computers that have been set up to send data (such as spam and viruses) to other computers on the Internet.

Legitimate users of botnet computers are usually unaware that their computers are being used in this way. However, because infected computers are de facto attacking other computers, the FBI can treat infected computers the same as cyber attackers’ computers.

Proponents of the amended Rule 41 argue that the FBI will use the evidence it collects only for legitimate purposes. While this may be true, there is no guarantee that the FBI will not be hacked and that, as a result, the collected evidence will not end up in the hands of data brokers. The larger the amount of collected data, the greater its monetary value. According to TrendMicro, 300 IP addresses are worth $6 on the Russian black market for personal data. So the IP addresses of the 1.9 million computers connected to ZeroAccess will be worth $38,000, which is enough to incentivize hackers to steal the IP addresses from the FBI.


Numerous reports related to FBI data hacking can be found. For example, on February 13, 2016, FoxNews reported that: “A 16-year-old boy living in England has been arrested in connection with the recent hacking of FBI and DHS data, as well as personal email accounts of CIA Director John Brennan and Homeland Security chief Jeh Johnson.”

History of FBI hacking


The information in this section demonstrates that the FBI has the knowledge and experience necessary to conduct mass computer hacking. Below, we briefly discuss four tools used to fight cybercrimes throughout the FBI’s hacking history, namely the Carnivore and Magic Lantern keyloggers (Section 3.1), the Computer and Internet Protocol Address Verifier (Section 3.2), and the Network Investigative Technique (Section 3.3). Next, we will discuss a hacking technique commonly used by the FBI, namely the exploitation of security vulnerabilities (Section 3.4).

Keyloggers


Keylogging can be defined as a technique for recording keystrokes on a keyboard. Typically, keystroke logging is done without the consent of the person whose keystrokes are being monitored. Below we discuss two tools used for keystroke logging, namely Carnivore and Magic Lantern.

Carnivore. Carnivore is the first publicly released computer investigative software used by the FBI. It was designed in 1998 to allow the FBI to capture criminal suspects. The software was based on packet sniffing technology. It allowed FBI computers to connect to the suspect’s IP address and monitor all of the target user’s Internet traffic. Carnivore has been used to investigate specific illegal activities such as child pornography, terrorism, fraud and espionage. To use Carnivore in a particular case, the FBI was required to (1) provide sufficient evidence that the targeted user may have been involved in a crime and (2) obtain a warrant. The software was replaced in 2005 due to its inability to decode the rapidly evolving encryption.

Magic Lantern. Magic Lantern was an advanced version of Carnivore. Magic Lantern operated as a Trojan horse distributed via an email attachment. Once installed on a suspect’s computer, Magic Lantern allowed investigators to monitor all activities performed on the target’s computer, including keystrokes and web browsing patterns. In addition, the software was able to remotely retrieve encryption keys from the computers on which it was installed and transfer them to the FBI.

Considering Carnivore and Magic Lantern, one can imagine a theoretical situation where the FBI installs keylogger software on millions of hacked computers to see if some users of those computers are involved in hacks.

Computer and Internet Protocol Address Verifier


CIPAV (Computer and Internet Protocol Address Verifier), used by the FBI, became widely known in 2007. CIPAV is used to collect data from suspect computers such as IP addresses, Ethernet MAC addresses, lists of running programs, default browser types, and most recently URLs visited. CIPAV can be distributed through phishing, i.e. asking the target user to click on a link to a CIPAV-contaminated web page.

In 2007, the software allowed the FBI to track down a 15-year-old student suspected of sending bomb threats to a Washington high school. In this case, CIPAV was installed via a link posted in a MySpace chat room. It is important to note that the US Foreign Intelligence Surveillance Court has officially approved CIPAV as a tool for detecting potential terrorist attacks. The FBI, empowered by Rule 41 as amended, can send links to websites containing CIPAV to thousands of suspected terrorists, many of whom may be innocent individuals.

Network investigation technique


Network Investigative Technique (NIT) is software used by the FBI to detect digital crimes. Similar to CIPAV, NIT is malware that starts sending data to the FBI once it is installed on a target computer. NIT was recently used to detect visitors to the child pornography website “Playpen”. To identify the site’s users, the FBI transferred the seized site to its own servers in the US. Then the FBI began infecting the computers of web users with the NIT tool. The new version of Rule 41 will allow the FBI to install NIT and similar software on popular websites, infecting the computers of thousands of victims of botnet attacks.

Exploitation of security vulnerabilities


After the terrorist attack in San Bernardino in 2015, the FBI faced the difficult task of accessing the data stored on the iPhone of one of the terrorists. The task was difficult because entering 10 incorrect PIN codes would wipe out all the data stored on the phone. Instead of trying to enter random PIN codes, the FBI decided to work with a group of professional hackers. The hackers sold information about iPhone security flaws to the FBI. Using this information, the FBI was able to collect evidence from the terrorist’s iPhone. Under the amended Rule 41, the FBI can purchase information about security weaknesses in widely used devices (such as the iPhone) and remotely hack large numbers of such devices.

Conclusion


In this article, we showed that the approved changes to Rule 41 would allow the FBI to hack an unlimited number of computers with a single command. For example, the hacked computers may include those of victims of botnet attacks. It is unclear whether innocent users of computers hacked by the FBI will be notified of the hacks. Thus, the revised Rule 41 may seriously threaten the privacy of millions of innocent residents of the US and other countries.

The threats did not go unnoticed by US senators. On May 19, 2016, Senators Ron Wyden and Rand Paul introduced the Stop Mass Hacking (SMH) Act, which prevents the changes to Rule 41 from taking effect. Senator Wyden said in this regard that: “If Congress does not act by December 1st, the security and privacy of Americans will be thrown out the window and the victims of hacking attacks will be attacked again – this time by their own government.”

Sources

Apuzzo, M., ‘F.B.I. Used Hacking Software Decade Before iPhone Fight’, The New York Times, 13 April 2016. Available at http://www.nytimes.com/2016/04/14/technology/fbi-tried-to-defeat-encryption-10-years-ago-files-show.html?_r=0 .

Brandom, R., ‘Supreme Court approves legal authority to hack anonymous computers’, The Verge, 29 April 2016. Available at http://www.theverge.com/2016/4/29/11536348/supreme-court-approval-fbi-anonymous-hack .

‘Child Porn Sting Goes Global: FBI Hacked Computers in Denmark, Greece, Chile’, Motherboard, 22 January 2016. Available at https://motherboard.vice.com/read/child-porn-sting-goes-global-fbi-hacked-computers-in-denmark-greece-chile .

‘Cops arrest teen for hack and leak of DHS, FBI data’, FoxNews.com, February 2016. Available at http://www.foxnews.com/politics/2016/02/13/cops-arrest-teen-for-hack-and-leak-dhs-fbi-data.html .

Gibbs, S. ‘FBI reportedly paid professional hackers to gain access to San Bernardino iPhone – report’, The Guardian, 13 April 2016. Available at https://www.theguardian.com/technology/2016/apr/13/fbi-reportedly-paid-professional-hackers-gain-access-san-bernardino-iphone .

‘In a First, Judge Throws Out Evidence Obtained from FBI Malware’, Motherboard, 20 April 2016. Available at https://motherboard.vice.com/read/in-a-first-judge-throws-out-evidence-obtained-from-fbi-malware .

Lynch, D. J., ‘US justice department seeks to expand FBI’s hacking powers’, Financial Times, 25 April 2016. Available at http://www.ft.com/intl/cms/s/0/892545e2-08bb-11e6-b6d3-746f8e9cdd33.html .

Lyngaas, S., ‘Senators seek to block expanded hacking powers for FBI’, FCW.com, 20 May 2016. Available at https://fcw.com/articles/2016/05/20/hacking-fbi-block.aspx .

‘Mobster’s Son Pleads Guilty After FBI Taps Into Computer’, Los Angeles Times, 1 March 2002. Available at http://articles.latimes.com/2002/mar/01/news/mn-30499 .

Nakashima, E., ‘FBI paid professional hackers one-time fee to crack San Bernardino iPhone’, The Washington Post, 12 April 2016. Available at https://www.washingtonpost.com/world/national-security/fbi-paid-professional-hackers-one-time-fee-to-crack-san-bernardino-iphone/2016/04/12/5397814a-00de-11e6-9d36-33d198ea26c5_story.html .

Prupis, N., ‘Supreme Court Quietly Approves Rule to Give FBI ‘Sprawling’ Hacking Powers’, CommonDreams, 29 April 2016. Available at http://www.commondreams.org/news/2016/04/29/supreme-court-quietly-approves-rule-give-fbi-sprawling-hacking-powers .

‘Second Judge Argues Evidence From FBI Mass Hack Should Be Thrown Out’, Motherboard, 27 April 2016. Available at http://motherboard.vice.com/read/second-judge-argues-evidence-from-fbi-mass-hack-should-be-thrown-out .

Sullivan, B., ‘FBI software cracks encryption wall’, NBC News, 20 November 2001. Available at http://www.nbcnews.com/id/3341694/ns/technology_and_science-security/t/fbi-software-cracks-encryption-wall .

‘The Global Black Market Prices’, TrendMicro. Available at http://www.trendmicro.com/vinfo/us/security/special-report/cybercriminal-underground-economy-series/global-black-market-for-stolen-data/#section-2 .

Thomas, K., ‘Nine bad botnets and the damage they did’, Welivesecurity, 25 February 2015. Available at http://www.welivesecurity.com/2015/02/25/nine-bad-botnets-damage/ .

Thomson, I., ‘FBI: Er, no, we won’t reveal how we unmask and torpedo Tor pedos’, The Register, 29 March 2016. Available at http://www.theregister.co.uk/2016/03/29/fbi_tor/ .

‘US Supreme Court approves expanded hacking powers’, BBC, 29 April 2016. Available at http://www.bbc.com/news/technology-36169019 .

Yadron, D., ‘Supreme court grants FBI massive expansion of powers to hack computers’, The Guardian, 29 April 2016. Available at https://www.theguardian.com/technology/2016/apr/29/fbi-hacking-computers-warrants-supreme-court-congress .

Zetter, K., ‘Everything we know how the FBI hacks people’, Wired, 15 May 2016. Available at https://www.wired.com/2016/05/history-fbis-hacking/ .
