Encryption foils FBI's attempts to unlock 7,000 devices
The FBI's boss said it's one of the authority's biggest hurdles
The FBI has failed to extract data from 7,000 mobile devices it was trying to hack, with the organisation's director saying encryption was the biggest hurdle to its work yet.
Christopher Wray told the International Association of Chiefs of Police conference in Philadelphia that encryption was "a huge, huge problem" for FBI investigations, saying the organisation had not managed to break into half of the devices they had attempted to access.
Smartphone manufacturers and operating system providers use encryption to protect their users' data from criminals. This end-to-end encryption is almost impossible to hack into, which is good for users, but raises challenges for authorities who may need to extract data from devices to aid in criminal investigations.
"Encryption that frustrates forensic investigations will be a fact of life from now on for law enforcement agencies," Prof Alan Woodward at the University of Surrey told the BBC. "Even if the equipment manufacturers didn't build in such encryption it would be possible to obtain software that encrypted data in the same way."
Although Wray said he understood smartphone manufacturers needed to put in place strong protections to protect the public, he said a balance must be struck that allows authorities to glean information from devices if and when required.
One notable case that prevented the FBI from accessing a suspect's device was when it wanted to break into San Bernadino shooter Syed Rizwan Farook's iPhone. Apple refused to grant the organisation access and when the police appealed, a judge ruled that Apple did not have to provide the information requested. However, the FBI managed to break into the killer's device using a third-party hacker.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now