• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Aged Care Facilities
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustries
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Pandemic Planning
      • Electronic Security
      • IT Disaster Recovery Plan
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Managed Security Service Provider
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Solutions
    • banner-menuUnisys Solutions
    • CTO-Blog-110619-Header-GraphicLookingGlass Solutions
    • menu-bg-2Dell Technologies (RSA) Solutions
    • Sightline-Visualization-menuSightline Solutions
  • Resources
    • menumanagers-dealing-customer-agreTraining
    • working-together-newJoin The Tribe
    • Webinars_3-1.jpgUpcoming and Past Events
    • hacking-detected-shutterstock_newResources
  • Articles
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Contact Us
Contact Us

US Law Enforcement Has a New Tool For Unlocking iPhones: ‘GrayKey’

You are here: Home / General / US Law Enforcement Has a New Tool For Unlocking iPhones: ‘GrayKey’
US Law Enforcement Has a New Tool For Unlocking iPhones: ‘GrayKey’
US Law Enforcement Has a New Tool For Unlocking iPhones: ‘GrayKey’

As of iOS 8, Apple’s 8th generation mobile device operating system, Apple no longer has the ability to gain access to their mobile devices.

Despite requests from law enforcement agencies, the tech giant can’t assist with investigations as device encryption is handled locally on the device itself by the user’s passcode. Only the passcode can access the device; there is no master key or hidden back door.

Some may remember back to late 2015, when the FBI recovered an iPhone belonging to one of the perpetrators of the December 2015 San Bernardino terrorist attack. Apple iPhones are known to be incredibly secure once locked with a passcode and the following months saw announcements that the FBI was attempting to force Apple to assist in breaking the encryption securing the device.

The event was a topic of great discussion among tech communities. The FBI later took Apple to court, demanding that a new version with bypassed security features be developed. However, in March of 2016, the FBI announced that they had successfully unlocked the phone via an undisclosed third party.

More recently, US start-up Grayshift has emerged stating they have developed a device known as “GrayKey” that is capable of unlocking even the latest iOS devices with iOS versions as recent as 11.2.5 installed as of the writing of this article.

GrayKey is believed to exploit a vulnerability in iOS’s passcode security, which bypasses the delays in between attempting passcodes (for example, a user might have to wait 30 seconds after five failed attempts), enabling the GrayKey to initiate a brute force attack against the targeted iOS device.

GrayKey can very easily crack the passcode to the targeted device, even if the device is disabled, and extract the complete file system. GrayKey is currently unavailable to the general public, instead, it is being targeted toward law enforcement agencies presumably to keep the vulnerabilities that the GrayKey uses a secret. Little else is known about exactly how GrayKey works. Marketing materials leaked from private online police and forensics groups are the only sources of information. A Forbes source has stated that they witnessed the device successfully unlocking an iPhone X.

Such a device does come at a cost with each license limited to 300 unlocks costing an agency USD$15,000 and an unlimited license costing USD$30,000 which might seem expensive, however, it is rumoured that the FBI spending approximately USD$1 million to the contracted third party in the San Bernardino investigation.

It is likely that many law enforcement agencies will be interested in such a device, however, it is unknown how long it will take before Apple is made aware of the vulnerability that GrayKey exploits.

The topic of whether or not governments should be able to unlock a mobile device, particularly in a criminal investigation is a heavily debated. Should the general public have access to complex encryption? Many believe that in the wake of recent terrorist activities that law enforcement having the ability to unlock suspect devices is in the best interest of public safety. Though many fear that such ability could be used nefariously, for activities such as secret mass surveillance.

For more information on how to avoid a security hack on your mobile device speak with the team from Agilient today or click here for information on security measures to keep your data private permanently.

Tweet
Share

General

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.


Looking for a pandemic planning partner? Get in touch with Agilient.

Looking for practical and cost-effective risk management solutions for your government department, agency or company? Speak with Australia’s leading senior risk and emergency management experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2022 Agilient – Level 14, 275 Alfred St, North Sydney NSW 2060 Australia – 1300 341 692