(CNN) — The legal fight between Apple and the FBI over a terrorist’s smartphone has put another company, an Israeli tech firm, into the spotlight.
Neither that security company nor the the FBI are talking about what could be a big break in a crucial investigation.
Four months after the San Bernardino terrorist attack, the iPhone 5c of one of the shooters remained a critical but inaccessible piece of evidence.
An ugly legal battle between the FBI and Apple suddenly ended when the FBI found a different way to get into the iPhone.
An Israeli newspaper, citing industry sources, said the company that did the work was called Cellebrite, based out of a high-tech park just outside of Tel Aviv.
Neither the FBI nor Cellebrite have confirmed the company’s involvement to CNN, but Cellebrite specializes in mobile device data extraction and decryption – in other words, hacking phones.
That’s exactly what the FBI needed in this case, which only stated that it used an “outside company.” But the FBI did sign a $200,000 contract with Cellebrite the same day the bureau announced it had gained access to the content in the shooter’s phone.
Shares of Cellebrite’s parent company soared.
At a tech conference in 2014, Cellebrite’s forensics technical director Yuval Ben Moshe told CNN about their work. “We allow law enforcement agents a very deep and detailed access to a lot of information that is on the mobile device to deduct who did what when, which is the essence of any investigation.”
Cellebrite’s technology isn’t just a hack on an iPhone — critics say it’s a hack on privacy.
Ben Moshe says his company has been challenged in court. “You got to make sure that whatever that you bring into court can stand there and can stand every cross-examination and there are very, very strict rules and guidelines in most countries and we meet those to the best of our knowledge.”
To learn more about mobile device security, we met Michael Shaulov, a mobile technology expert at Checkpoint, an Israeli cyber-security firm.
“What are the weak points of an iPhone or any other mobile device that you can access the phone through?,” CNN asked.
Shaulov replied “When you connect the cable to the phone, then you can abuse all kinds of protocols, and the iPhone can communicate with the laptop, and then by hijacking or manipulating those protocols, you can unlock the phone.”
“If I give you my iPhone, how long will it take you to hack it?”
“It will probably take me less time to hack the phone when it is in your hand rather than when I have it,” he said. “It’s much easier to conduct a social engineering attack, to get you to install something on your phone rather than me trying to get around your passcode.”
This is the flip side of the start-up nation — innovation used to build security, now used to exploit vulnerabilities.
So is Cellebrite the company behind the U.S. government’s iPhone hack? It will not say, but notably the company that signed the FBI contract and was enthusiastically touting its technology not long ago has now gone silent.