The US Justice Department (DOJ) wants secretly hack into the suspected criminal’s computer during investigations at any times in bunches for collection of evidence.
The document titled “COMMITTEE ON RULES OF PRACTICE AND PROCEDURE” defines a set of rules to allow federal agencies, including the FBI, to easily obtain warrants to hack into computers for gathering evidence on the crime under investigation when the physical location is not known to them.
The FBI and other government agencies are often involved in the investigation of cyber crime, in many cases, suspects are able to conceal their identity online and government has limited resources to track down the location of a computer that had been disguised by anonymizing software.
The proposed changes would allow federal agencies to “use remote access” tools to investigate on machines, even when “the district where the media or information is located has been concealed through technological means.””
“It is appropriate in such cases to make a narrow exception to the general territorial limitations governing the issuance of search warrants. The proposed amendment addresses this problem by relaxing the venue requirements when “the district where the media or information is located has been concealed through technological means.”” states the proposal.“The government can keep these so-called remote access operations secret from their target for as many as 30 days — longer if an extension is approved by a judge. Obtaining a single warrant to use malware to search potentially thousands of computers in unknown locations would violate constitutional requirements that court-authorized searches be narrow and particular, Fakhoury of the Electronic Frontier Foundation said.” reports a blog post on Bloomberg.
This proposal would leverage the authorities to use “zero-day exploits” to hack computers during criminal investigations, but it’s necessary to evaluate the impact on overall Internet security.
“Assistant Attorney General O’Neil suggested that something like “an investigation involving the use of technological means to conceal identity” might work.” reports the
The proposal raises a heated debate on the expansion of powers for Federal agencies that have to operate maximizing their investigative effort, preserving the privacy and security of individual under investigation.
“I don’t think many Americans would be comfortable with the government sending code onto their computers without their knowledge or consent,” “The power they’re seeking is certainly a broad one.” said Nathan Freed Wessler, a lawyer with the American Civil Liberties Union.
Let’s think to a possible investigation of a criminal entity behind a botnet, the proposal allows federal authorities to request a single warrant to hack into thousands of infected computers, even if located outside the US, to collect evidence and technical details of the attackers. But this means that similar proposal is authorizing the federal agencies to spy on thousands of machines legally.
“The proposed amendment would enable investigators to conduct a search and seize electronically stored information by remotely installing software on a large number of affected victim computers pursuant to one warrant issued by a single judge,” committee said. “The current rule, in contrast, requires obtaining multiple warrants to do so, in each of the many districts in which an affected computer may be located.”
If a similar proposal will be accepted government entities like the National Security Agency and the Federal Bureau of Investigation will be authorized to use hacking techniques to spy on computer locates everywhere in the world… a scene already seen. Really creepy!
(Security Affairs – FBI, federal)