News

San Bernardino DA Says Shooter’s iPhone Could Contain a ‘Dormant Cyber Pathogen’

San Bernardino District Attorney Michael A. Ramos filed an amicus brief in support of the FBI and in it he claims San Bernadino shooter Syed Farook’s iPhone 5c, which was seized by law enforcement officials, “may contain evidence that can only be found on the seized phone that it was used as a weapon to introduce a lying dormant cyber pathogen that endangers San Bernardino’s infrastructure.”

AppleInsider:

The curious statement was made in reference to an unspecified threat in violation of California Penal Code Section §502 covering protections against tampering, interference, damage and unauthorized access to computer systems.

Ramos appear to be inferring that Farook possibly unleashed a virus or worm into the county’s internal network while in possession of his county-supplied work phone. But there doesn’t appear to be any justification or evidence supporting his claim.

“It sounds like he’s making up these terms as he goes,” said iPhone forensics expert Jonathan Zdziarski, told Ars Technica. “We’ve never used these terms in computer science.” Zdziarski believes that the amicus filing is designed to mislead the courts and manipulate it into a decision in the FBI’s favor. “It offers no evidence whatsoever that the device has, or even might have, malware on it. It offers no evidence that their network was ever compromised.”

This is the first time a law enforcement agency has speculated exactly what information is stored on the iPhone in question.  No other existing court filings include references to a possibly imminent cyber threat.

The county declined to directly comment. A spokesman, David Wert, told Ars Technica in an e-mail that “The county didn’t have anything to do with this brief. It was filed by the district attorney.” The DA’s office, which did not immediately respond for comment, followed up with a statement to Ars, saying that there is a “compelling governmental interest in acquiring any evidence of criminal conduct, additional perpetrators, potential damage to the infrastructure of San Bernardino County, and in protecting the California Constitutionally guaranteed due process rights of the victims, deceased and living, arising from state crimes committed on December 2, 2015.”

The Ramos brief also claims Farook’s iPhone might contain information about a possible third co-conspirator in last year’s terror attack. The attack took 16 lives, including those of Farook, and his wife Tashfeen Malik.

Chris Hauk

Chris is a Senior Editor at Mactrast. He lives somewhere in the deep Southern part of America, and yes, he has to pump in both sunshine and the Internet.