World

FBI Admits It Used National Security Hacking Tools for Ordinary Criminal Cases

A special report for the US Department of Justice has confirmed the existence of the FBI’s Remote Operations Unit – a super-secret team of hackers who used classified exploits reserved for intelligence operations in ordinary criminal cases.
Sputnik

The existence of the Remote Operations Unit (ROU) has been a favorite of conspiracy theorists since 2013, when American Civil Liberties Union (ACLU) principal technologist Chris Soghoian uncovered the group's existence by piecing together LinkedIn profiles and sections of documents released through the Freedom of Information Act (FOIA).

Hackers Make Thousands of Dollars on Telegram Glitch
The ROU is a team of professional hackers with hacking tools and tricks so cool and classified they are usually reserved for matters of national security; i.e., intelligence and counterintelligence.

An Office of the Inspector General (OIG) report issued in March for the US Department of Justice, however, officially acknowledged the group's existence for the first time. The reports also says the ROU used their super-cool hacking techniques in ordinary criminal cases — twice.

According to the report, the ROU manager "sees a line in the sand" regarding using intelligence tools in a criminal investigation, but this line can be crossed with approval from the Deputy Attorney General.

"The ROU chief was aware of two instances in which the FBI invoked these procedures," a footnote in the report reads.

Which two instances those were has not been disclosed, as the report itself is very secretive. But the FBI did gain wide notoriety after indiscriminately infecting some 8,000 computers with a highly sophisticated Tor Browser exploit. Although it was a criminal child porn investigation, the exploit provided the bureau with unauthorized access to computers located overseas, including in Russia, China and Iran.

"Using classified tools in criminal cases is risky for all sides," says Ahmed Ghappour, associate professor of law at Boston University School of Law, who has researched law enforcement hacking extensively, according to a Thursday report by Motherboard.

FBI Grills Farage Ally About Trump's Campaign - Reports
Why is using intelligence tools in criminal investigations bad? For one it puts a spotlight on things that government agencies would rather not be widely known, as they will have to disclose information about their classified investigation methods to courts, making their secret weapons not so secret anymore. A vendor company such as Apple or Microsoft will patch the holes in their code they learn about this way, making the hacking tricks useless.

"If hacking tools are used at all, the government should seek a warrant to employ them and it must fully disclose to a judge sufficient information, in clear language, about how the tools work and what they will do," Brett Kaufman, a staff attorney at the ACLU, said according to Motherboard.

On the other hand, if the government fails to clearly explain their methods, the court case is very likely to be dismissed, says Ghappour. The government "may be ordered to disclose classified information to the defense to satisfy due process, or face dismissal of the case," Ghappour said.

The use of classified hacking tools in criminal cases also presents obstacles for defense teams, which can see their ability to contest the evidence brought against their client eroded over secrecy concerns.

"When hacking tools are classified, reliance on them in regular criminal investigations is likely to severely undermine a defendant's constitutional rights by complicating discovery into and confrontation of their details," Kaufman said.

But it looks like this discovery may soon become obsolete. When asked about the unit, an FBI spokesperson declined to comment, choosing instead to cite page 16 of the OIG report, which says, in part, that "FBI/OTD has realigned mission areas for several units in preparation for a larger re-organization," Motherboard notes.

Discuss