Judge rejects FBI's bid to hack computer of suspect in attempted cyberheist

Warrant request too broad, fails to meet 4th amendment standards

A federal court in Houston has rejected an FBI request for a warrant to hack into the computer of a suspect in an attempted cyberheist.

In, a sometimes testy, 13-page ruling earlier this week, U.S. Magistrate Judge Stephen Smith of the U.S. District Court for the Southern District of Texas characterized the government's request as overly intrusive and infringing on Fourth Amendment protections against unreasonable search.

The FBI in March sought a warrant to search a computer situated at a location unknown to them and belonging to an unknown suspect. In its request, the FBI sought a warrant that would allow investigators to surreptitiously install software capable of extracting information from the target computer, identify its location and also take photos of those who used the system.

The computer in question belonged to a suspect who had attempted to steal money from the online bank account of a Texas resident. An investigation showed that the IP address of the computer used in the attack was from a foreign country. Both the location of the computer and the identity of its owner are unknown.

The FBI's application for a search warrant sought permission to install the spying software on the target computer to collect information and to monitor activity on the computer over a 30-day period.

In its application, the FBI described its software as capable of searching through the computer's hard drive, memory and storage. The software would secretly activate the computer's built-in camera, take video and photos of people using it, generate latitude and longitude coordinates of its location and send all the information back to the investigators, the FBI said in its warrant application.

The specific information that the FBI was seeking from the target computer included records of IP addresses used, records of browsing activity, firewall logs, caches, cookies, bookmarks and terms entered into search engines. The FBI said that it would also use the software to try and identify the computer's owner and the individual who used it at the time of the attempted cyberheist.

Video and still images captured through the surreptitious use of the computer's built-in camera would be used to identify the suspect and also his or her location, the FBI application said

The magistrate judge rejected the application for several reasons.

The search for which the FBI is seeking authorization involves both a search for the computer and of the computer, Smith noted in his ruling. Neither of the searches would take place within the territorial jurisdiction of the court, he said. "Contrary to the current metaphor used by Internet Service Providers, digital information is not actually stored in the clouds; it resides on a computer or some other form of electronic media that has a physical location," he wrote.

The FBI's search will not take place in the "airy nothing of cyberspace" but rather in a physical space in specific location. Since the government does not know where the computer is located, its warrant request does not meet the territorial limits rule of the statute under which the warrant is being sought, Smith said.

The government's warrant request also offers few specifics on how it would search for the target computer and ensure that only the suspect or suspects in the attempted cyberheist would be monitored, he said. Those involved in cybercrime often spoof IP addresses, so it is possible the target computer belongs to an innocent victim.

Similarly, the computer used by the suspect, could also be used by others who were not involved in any illicit activity, the judge said. "What if the target computer is located in a public library, an Internet caf or a workplace accessible to others?"

The judge also rejected the FBI's assertion that investigators would use the built-in camera only to do "photo monitoring" of the suspect as opposed to video surveillance. It's a distinction without a difference, the judge maintained.

"In between snapping photographs, the government will have real time access to the camera's video feed. That amounts to video surveillance."

The government failed to show what other methods it might use or why it needs to resort to video surveillance to track down the suspect, the judge said. There is nothing in the warrant to show how the government will avoid monitoring innocent users or collecting data about them from the target computer. As a result the government has failed to meet Fourth Amendment standards for video surveillance, he said.

This article, Judge rejects FBI's bid to hack computer of suspect in attempted cyberheist, was originally published at Computerworld.com.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed. His e-mail address is jvijayan@computerworld.com.

See more by Jaikumar Vijayan on Computerworld.com.

Read more about cybercrime and hacking in Computerworld's Cybercrime and Hacking Topic Center.

Join the CSO newsletter!

Error: Please check your email address.

Tags Cybercrime and Hackingsecurityfbi

More about FBITopic

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Jaikumar Vijayan

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts