Cybersecurity

FBI chief: San Bernardino phone hack cost over $1 million

by Cory Bennett 04/21/16 03:41 PM ET

The FBI paid over $1 million to get into the locked iPhone used by one of the San Bernardino shooters, agency head James Comey indicated on Thursday.

Speaking Thursday at the Aspen Security Forum in London, Comey said the fee was “a lot — more than I will make in the remainder of this job, which is seven years and four months for sure,” according to Reuters.

{mosads}According to the FBI’s website and salary figures from the Office of Management and Budget, Comey makes $183,300 a year. That means Comey will make $1.34 million over the rest of his tenure if the agency head’s compensation remains the same.

If those figures are correct, it could make the sum the highest publicized fee an organization has ever paid for a hacking technique. It would surpass the $1 million security firm Zerodium recently awarded to hackers that found a bug in Apple’s iOS 9 operating system.

“It was, in my view, worth it,” Comey added.

The hacking technique allowed the FBI to access an iPhone used by Syed Rizwan Farook — one of the two shooters in the San Bernardino, Calif., terrorist attack — without help from Apple.

Before the bureau was shown the pricey method, investigators had claimed the phone could only be accessed with Apple’s assistance. The Justice Department obtained a court order directing the tech giant to help unlock the phone, setting off a high-profile standoff when Apple refused.

Apple insisted that complying would set a dangerous precedent that would allow the government to ask other companies to intentionally undermine their security features, imperiling global digital security and online privacy.

The FBI countered that its request was narrowly tailored to the case at hand.

The court battle sparked a heated debate on Capitol Hill, as some lawmakers jumped to Apple’s defense, while others called on the Silicon Valley stalwart to help law enforcement.

The government eventually dropped its court order after purchasing the intrusion method from third-party hackers.

But because of the exorbitant costs to this approach, the FBI has said it cannot rely on paying outside hackers to get around secure devices.

“These solutions are very case-by-case specific,” said Amy Hess, the FBI’s executive assistant director for science and technology, during a House hearing this week.

“They’re very dependent on the fragility of the system,” she added. “And also they’re very time intensive and resource intensive, which may not be scalable.”

In an attempt to address these concerns, Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.) — the leaders of the Intelligence Committee — recently unveiled a bill that would force companies like Apple to comply with such court orders.