Newly declassified documents have exposed how US law enforcement sought court orders to combat strong encryption for over a decade. The papers describe an investigation launched by the FBI in 2003 and dubbed 'Operation Trail Mix' which, aided by a federal court request, attempted to circumvent encryption on the devices of targeted suspects.
Revealed as part of a Freedom of Information Act (FOIA) request obtained by The New York Times, the documents, for the first time, expose in detail how the FBI investigation came to a halt after suspects in an animal rights case used Pretty Good Privacy (PGP) to secure their communications. For months, the FBI had been intercepting phone calls and emails of the Stop Huntingdon Animal Cruelty activist group, suspected of being behind criminal attacks and hacking that reportedly caused over $400,000 (£282,900) worth of damage to US laboratory Huntingdon Life Sciences. However, once encryption entered the mix, the agency was left in the dark.
In response, the FBI persuaded a federal judge to let it remotely install malicious surveillance software on the suspects' computers. This, according to The New York Times, is the first known example of the agency using malware and spyware as part of its wiretapping process. In one 2005 document summarising the case, an FBI agent wrote: "This was the first time that the Department of Justice had ever approved such an intercept of this type."
Ultimately, the papers reveal the attempt to crack PGP directly was unsuccessful. However, much like the recent controversy surrounding the agency's fight with technology giant Apple, the FBI was eventually able to find a suitable workaround. Furthermore, as in the most recent case, the tool used to solve the problem has remained elusive.
"Please be advised that the tool itself is classified SECRET," an FBI computer specialist wrote in an early 2003 document, while delivering an early version of the exploit. "Further, any indication that the tool is specifically software in nature is also classified."
Echoing the Operation Trail Mix investigation, the recent court order against Apple was resolved with the use of a classified solution. At first, it was suspected that Israeli firm Cellebrite could have been the unnamed third party working alongside the agency. It has since come to light that the FBI used 'professional hackers' who had access to a previously undisclosed zero-day exploit to break the smartphone's encryption.