Skip to main content

Advertisement

Advertisement

Inside the little-known Japan firm helping the FBI crack iPhones

TOKYO — The little-known Japanese company at the centre of a legal tussle between Apple and the US government over the hacking of an iPhone built its business on pinball games machines and stumbled into the mobile phone security business almost by accident.

The new Apple iPhone SE is displayed at an Apple shop in Tokyo on March 31, 2016.  Photo: AP

The new Apple iPhone SE is displayed at an Apple shop in Tokyo on March 31, 2016. Photo: AP

TOKYO — The little-known Japanese company at the centre of a legal tussle between Apple and the US government over the hacking of an iPhone built its business on pinball games machines and stumbled into the mobile phone security business almost by accident.

Petah Tikva, Israel-based Cellebrite worked with the FBI to crack an iPhone connected in a terrorist attack, according to people familiar with the matter, who askednot to be identified as the matter is private. Neither Cellebrite nor the FBI have confirmed the link, and the Sun spokesman on Thursday (March 31) said the company isn’t able to comment on specific criminal cases.

Sun Corp, based in a small town of 100,000 southwest of Tokyo, has been building pinball-like game machines found in Japan’s pachinko parlors since the 1970s but has often displayed bigger tech ambitions. The Konan, Aichi-based company developed personal computers in the late 1970s, computer games and more recently, iPhone mahjong apps. In 2007, as sales slumped, Sun acquired Israeli technology company Cellebrite Mobile Synchronization.

Cellebrite hadn’t ventured into forensics at the time, and the purchase was mainly to add phone-to-phone data transfer to Sun’s fledgling telecommunications business, said the Japanese company’s spokesman Hidefumi Sugaya. When Cellebrite later took on investigative agencies such as the Federal Bureau of Investigation as clients, the business took off, he said in a telephone interview. Today, the bulk of Sun’smobile data solutions business comes from Cellebrite, said Sugaya.

Sun’s shares have surged since March 21, when US authorities said a third party demonstrated a way to access data on the iPhone used in the San Bernardino, California, mass shooting last year. The shares rose 7 per cent to 1,091 yen by the close of trading in Tokyo on Thursday.

“If it’s Cellebrite it’s probably good publicity for them,” said Mr Bryce Boland, chief technology officer for Asia Pacific atsecurity company FireEye Inc. “There are other companies as well that provide tools in this space, and Cellebrite are one of the best companies in this space.”

Revenue from Cellebrite’s mobile data solutions division overtook pachinko parts in Sun’s fiscal year ended March 2014 and contributed 13.6 billion yen (S$163 million) or 50 per cent of sales in the last fiscal year, according to data compiled by Bloomberg. It’s now the largest business segment for Sun.

Israeli daily Yedioth Ahronoth last week identified Cellebrite,which has captured a large slice of the mobile forensics market over the past decade, as the FBI’s partner in cracking the iPhone.

The US Justice Department said on Tuesday it has gained access to the data on the shooter’s phone with third party help, and dropped its legal case against Cupertino, California-based Apple.

“Although the FBI didn’t get a legal decision that would require Apple to hack around its own security software, it created a situation where they can go to third parties to do that,” said Mr Matt Larson, an analyst at Bloomberg Intelligence. “Companies like Cellebrite may have found a niche industry of assisting the FBI unlock personal devices in select cases moving forward.”

Cellebrite sells hardware and software for extracting data from hand-held devices, even if it has been encrypted or deleted. It employs more than 500 people and has offices in Israel, the US, Brazil, Germany, Singapore and the UK, according to its website. Founded in 1999, Cellebrite was bought by Sun Corp for a reported US$17.5 million.

The value of forensics companies such as Cellebrite, particularly for law enforcement agencies, goes beyond accessing encrypted data, according to Mr Jonathan Zdziarski, a cyber-security researcher and iPhone security expert who consults with law enforcement.

STUDY PATCHES

“As you copy the evidence from the phone, you need to be able to catalog it and demonstrate you haven’t tampered with it — show that the file that came from the phone is the same file you are using in court,” he said. “There have been plenty of free hacking tools available — it’s not just about getting to the data. All of these problems are addressed by forensics companies like Cellebrite.”

The Israeli firm may have been able to come up with a method to crack the iPhone from studying patches that Apple’s released, or updates to software that fix vulnerabilities, said FireEye’s Boland, adding he had no direct knowledge of this case.

“It’s a fairly straightforward method for a researcher to identify what has been changed, and from that reverse-engineer what the flaw was and then build a tool to exploit that flaw,” he said. BLOOMBERG

Read more of the latest in

Advertisement

Advertisement

Stay in the know. Anytime. Anywhere.

Subscribe to get daily news updates, insights and must reads delivered straight to your inbox.

By clicking subscribe, I agree for my personal data to be used to send me TODAY newsletters, promotional offers and for research and analysis.