TerrorismCalif. terrorists’ iPhone may have been used to introduce malware into data networks: DA

Published 7 March 2016

San Bernardino County District Attorney Michael Ramos has advanced what experts describe as an unusual reason for forcing Apple to allow the FBI to break the password of the iPhone used by the two terrorists as part of the agency’s investigation of the attack. Ramos says the phone might have been “used as a weapon” to introduce malicious software to county computer systems.

Smartphones can be used to introduce malware into networks // Source: commons.wikimedia.com

San Bernardino County District Attorney Michael Ramos, in an effort to strengthen the FBI’s hand in the agency’s on-going dispute with Apple over access to the information on the iPhone s used by the San Bernardino terrorists, has advanced what experts describe as an unusual reason for forcing Apple to remove one element of the end-to-end encryption with which the device has been equipped. Relaxing the 10-attempt limit on attempting to guess the device’s password would allow the FBI to access the calls and messages the two killers made and received before they were killed.

Ramos says the phone might have been “used as a weapon” to introduce malicious software to county computer systems.

The Mercury News reports that Ramos admitted to the AP that there was no evidence of malicious software in the county’s computer network, but he added: “I wouldn’t call it a total hypothetical.”

Computer security experts, however, say Ramos’s theory is far-fetched. The News notes that by late Friday, Ramos’s claim was the subject of a wave of social media postings – with many pointedly noting Ramos’s use of the “cyber pathogen” to describe the supposed malware.

Ramos’s idea that the two terrorists used their iPhone to transmit a “lying-dormant cyber pathogen” into county data systems is novel – but his office still cited it in a court filing Thursday as one of several reasons why the court should order Apple to cooperate with the FBI investigation.

This was a county employee that murdered 14 people and injured 22,” Ramos said. “Did he use the county’s infrastructure? Did he hack into that infrastructure? I don’t know. In order for me to really put that issue to rest, there is one piece of evidence that would absolutely let us know that, and that would be the iPhone.”

Many software expert dismissed Ramos’s notion. Jonathan Zdziarski, independent software researcher who has signed a brief in support of Apple’s position, posted on his personal blog: “Ramos’s statements are not only misleading to the court, but amount to blatant fear mongering.”

The News notes that other security experts are more receptive to Ramos’s argument. “It’s definitely possible, technically, but it doesn’t seem to me at first glance to be likely,” said David Meltzer, a computer security expert and chief research officer at Tripwire, a commercial IT security firm. He noted that Apple’s iPhone operating system is a relatively closed environment, making it difficult for users to introduce their own programs.