The US Central Intelligence Agency (CIA) has been running a sustained campaign to break the security of Apple iPhones and iPads, according to new documents from the trove leaked by National Security Agency (NSA) whistleblower Edward Snowden.
The CIA even ran its own conference, called the Jamboree and sponsored by the CIA’s Information Operations Center, which carries out covert cyber attacks. Attendees shared their strategies and tips for exploiting security flaws in a range of electronic devices. The first Jamboree was held in 2007, a year before Apple’s first iPhone was released.
The documents, revealed today in a report by The Intercept, indicate that the CIA was keen not just to crack the security of popular smartphones and other communications devices, but to uncover flaws in a wide range of electronic devices and to devise exploits that they could use.
However, the popularity of Apple’s iPhone quickly made it the CIA’s number one target. Its aim was to break the devices’ encryption in order to gain access to data held on the devices.
“Studying both ‘physical’ and ‘non-invasive’ techniques, US government-sponsored research has been aimed at discovering ways to decrypt and ultimately penetrate Apple’s encrypted firmware. This could enable spies to plant malicious code on Apple devices and seek out potential vulnerabilities in other parts of the iPhone and iPad currently masked by encryption,” claims The Intercept.
It continues: “The security researchers also claimed they had created a modified version of Apple’s proprietary software development tool, Xcode, which could sneak surveillance backdoors into any apps or programs created using the tool. Xcode, which is distributed by Apple to hundreds of thousands of developers, is used to create apps that are sold through Apple’s App Store.”
Apple Mac computers were also targeted, with the CIA claiming to have successfully modified the OS X update in order to install keystroke loggers onto Mac desktop and laptop PCs.
The subversion of the updater app is potentially highly damaging and raises the question of whether it, and similar applications such as Microsoft’s Windows Update, have been, or could be, compromised in a similar way.
Other presentations at the CIA conference have focused on the products of Apple’s competitors, including Microsoft’s BitLocker encryption system, which is used widely on laptop and desktop computers running premium editions of Windows, claims The Intercept.
Both Apple and the CIA declined to comment on the story. Security researchers, though, were critical of the lack of detail provided by the reports.
Ken Westin, a senior security analyst at Tripwire, said that it would be naïve to think that such programmes don’t exist: “The story provided by The Intercept unfortunately does not tell us a whole lot that most security researchers did not already know or assume. The one document that The Intercept provides only reveals the existence of a CIA-sponsored event where security researchers met to discuss methods and techniques to compromise Trusted Computing systems.
“The article also mentions that the documents they have do not show any evidence of actual successful compromise or active exploits. There have been a number of similar programmes such as the NSA’s Dropout Jeep where the goal was to find ways to compromise devices. I think it is a bit naïve to think that these types of programmes don’t exist either by the US government or other government agencies for that matter.
“The question arises, however, if vulnerabilities were discovered that were not disclosed to Apple or other companies whose systems were potentially exploited, this is where the definition of security research and high-tech espionage diverge,” said Westin.
The new revelations follow claims that the NSA has been subverting hard-disk firmware in order to plant malware that is both difficult to detect and hard to eradicate from people’s PCs.