The Wall Street Journal is reporting that the FBI employs a number of high-tech hacker tactics in its efforts to round up information on suspects, including the ability to remotely activate microphones on Android devices and notebook computers, according to one of its sources who is described as a “former U.S. official.” These and other tools are brought to bear in cases related to organized crime, counter-terrorism or child pornography, according to the WSJ report.
The tools it uses are both internally and externally sourced, with some coming from the private sector. Hacking at the FBI under court order has gradually increased, as law enforcement officials try to find ways to circumvent new communication tech that’s more resistant to traditional surveillance methods like wiretapping. The specifics of its methods are not generally brought to light in public, but a warrant from earlier this year revealed that one request involved using a computer’s built-in camera to take photos of a suspect without their knowledge. The request in that case was denied.
According to the WSJ’s source, the FBI resorts to these tactics when they’re out of options, and “don’t have any other choice.” The tools used to gather the data are often installed remotely, using essentially phishing style links that injects essentially Trojan software when clicked by a suspect under surveillance. They can also be installed via physical access and a USB drive, the report says, and in all cases the FBI tries to ensure only “relevant data” are gathered by its hacking efforts, through the use of a screening team that checks for relevancy before handing information off to investigators working the case.
The news that the FBI employs hacker tactics on occasion to gather data about potential suspects is not new, but the specifics of how it goes about it, and how it might be able to employ a user’s own hardware to record conversations remotely is definitely going to raise some eyebrows, especially in light of the attention now focused on digital rights and privacy thanks to the leaks around the NSA’s PRISM and XKeyscore programs. In theory, the devices could even be activated to eavesdrop on an in-person conversation with a potential suspect who doesn’t even own an Android device, perhaps from the pocket of a friend who does. PRISM reportedly involves a number of prominent Internet companies, and Xkeyscore seems to allow the U.S. security agency unprecedented access to information about emails, chat history and more, according to information leaked by former U.S. government security contractor Edward Snowden.
In this case, it sounds like the FBI’s tools might involve Android and desktop PC malware, so Google wouldn’t need to be complicit for claims about using Android device mics remotely to be accurate. We’ve reached out to both the FBI and Google for comment, but have yet to hear back as of press time.