An FBI hacking operation may have crossed international borders, according to new court documents, but experts...
are unsure what the consequences may be.
The details come as part of court filings in the appeal of David Tippens in connection to the Playpen dark web child pornography website. During the investigation, the FBI reportedly seized the Playpen server, but kept it running for 13 days. During this time, an FBI hacking operation deployed a network investigative technique -- malware designed by the FBI to gather information on users of the website.
According to the court filing first obtained by The Daily Beast, the FBI hacking operation "ultimately seized 8,713 IP addresses and other identifying data from computers located throughout the United States and in 120 other countries, including Russia, Iran and China, as well as data from an entity the government described as 'a satellite provider.'"
Experts like Philip Lieberman, president of Los Angeles-based Lieberman Software, told SearchSecurity this was an especially tricky scenario, because "the FBI is not authorized for foreign operations," according to its federal mandate.
Nicholas Weaver, computer security researcher at the International Computer Science Institute in Berkeley, Calif., said the anonymity of the dark web makes this FBI hacking case more complicated.
OTOH, with Tor in particular there is no way to know (so its not willful), and in these CP cases, local cops are happy.— Nicholas Weaver (@ncweaver) November 8, 2017
Robert Cattanachpartner, Dorsey and Whitney LLP
Robert Cattanach, partner at Dorsey and Whitney LLP, based in Minneapolis, agreed the FBI might not "know the physical location of the computer until it accesses the computer," but said international cooperation in these investigations might be possible even with countries like Russia, China and Iran.
"In an area like child pornography, one would not expect a lot of friction, even from these kinds of countries. But in the delicate world of international relations, the best result one could often hope for is for the foreign government to 'look the other way' as we accessed computers to build a case against a U.S. resident," Cattanach told SearchSecurity.
"Of course, we might also be willing to 'look the other way' in similar situations. If a foreign power is pressing the envelope to gain access to national security or confidential business information, however, that would be an entirely different story."
Learn why threat monitoring on the dark web is crucial.
Find out how the FBI handles cyber investigations.
Get info on the FBI's next-generation ID system.