The US Federal Bureau of Investigation (FBI) has been spying on American citizens using various hacking techniques for two decades, yet many details about its data collection practices are still secret, a new report shows.
The hacking history is almost impossible to document, however, because the hacking happens mostly in secret, The Wired magazine reported.
“Search warrants granting permission to hack get issued using vague, obtuse language that hides what’s really happening, and defense attorneys rarely challenge the hacking tools and techniques in court,” the report said.
“As a result, little is known about the invasive tools the bureau, and other law enforcement agencies, use or how they use them.”
The new report shows that the National Security Agency (NSA) isn’t the only agency conducting spying operations.
Countless leaks by American whistleblower Edward Snowden have detailed the highly sophisticated tools used by the NSA to collect data in bulk from unsuspecting people, including American citizens.
The Wired has put together a list of the known hacking operations the FBI has conducted over the years, offering a glimpse at how FBI computer intrusion techniques have developed over the years.
The FBI’s first known computer surveillance tool was an Internet traffic sniffer named Carnivore that got installed on network backbones—with the permission of Internet service providers.
The tool was custom-built to filter and copy metadata and/or the content of communications to and from a surveillance target.
In 2001, reporters got wind of Magic Lantern, the code name for an FBI keystroke logging, the action of recording (logging) the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored.
Around the same time, the FBI began using a surveillance tool called CIPAV—Computer and Internet Protocol Address Verifier—designed to collect a computer’s IP and MAC address.
The spying tool also collected an inventory of all open ports and software installed on the machine, as well as registry information, the username of anyone logged in and the last URL visited by the machine.
In 2012, the FBI began using a trick favored by criminal hackers, drive-by downloads, also known as watering hole attacks, which involves embedding spyware on a website, infecting the computers of all visitors to the site.