Cellebrite's newest target: Your IoT-filled home

See that Amazon speaker? Cellebrite has a way to examine its data. (Amazon)


Written by

Smart home devices are quickly proliferating across the the world. Millions of new devices are coming online every year, be it through an Echo or Nest or anything in between.

Each one of these devices in the ever-expanding internet of things produces huge troves of data. That information is increasingly becoming a focal point for Cellebrite, the wildly profitable Israeli firm most famous for its cracking open encrypted iPhones on behalf of law enforcement and intelligence agencies.

A new set of technical updates, commercial webinars and sales pitches from Cellebrite outline the company’s drive into IoT.

“Consumer-grade IoT devices are increasing in popularity and scope,” Mati Goldberg, Cellebrite’s head of digital forensics research, said in a recent video. “The devices and the data they collect are becoming an integral part of investigations but they also come with new investigative challenges.”

To make the case for their ability to handle the exploding world of IoT, Cellebrite’s pitch uses a hypothetical scenario where a woman is killed in her Seoul, South Korea apartment. Upon discovering the body, law enforcement finds a dozen IoT devices including an Amazon Echo, Google OnHub router, a Samsung Smart Things Hub, motion sensors, door sensors and an IPTime Switch:

The IoT-filled crime scene of the hypothetical murder. That’s a lot of closet space. Source: Cellebrite.

Everything in this apartment, from the phones to the smart TV, is constantly collecting data. Cellebrite’s products combine the data from all these devices, as well as the associated cloud accounts, and creates a report that can be checked against, for instance, the husband’s alibi.

Here’s some of the intelligence Cellebrite says they can gather from the apartment’s devices:

All the intelligence Cellebrite vacuumed up. Source: Cellebrite.

The smartphone is Cellebrite’s target of choice — which makes sense since the company made its reputation on collecting data from any phone. In this case, text messages raise alarms. But everything else in the home, from the fitness tracker to the television to the unknown Android phone’s presence, gives an unprecedented amount of information.

The most important IoT device in this hypothetical investigation is the Amazon Echo. Cellebrite is able to access everything the Echo has ever heard, including phone connections (indicating physical presence), actions (like turning on and off the smart television), and even — unexplained — voice recordings indicating the murdered woman asking a man to “stop” just before she stops moving for good.

Police and spies around the world are hungry for the data that IoT devices produce, hoping it can fuel their investigations with information they’ve never been able to access.

The company recently began supporting data extraction from drones as well, a domain where they claim to be able to “extract, decode and analyze” data from all of the most popular consumer drones including just about everything made by DJI, the top civilian and commercial drone company in the world.

Cellebrite has also been pressing forward on targeting data from specific apps. The encrypted messenger Telegram, which in marketing material Cellebrite describes as “commonly associated with gangs and terrorist groups,” is frequently featured. In recent documents, Cellebrite says they can now decode voice chats and call logs from the app, data that was previously beyond their reach.

Cellebrite didn’t respond to multiple requests for comment.

You can watch one of Cellebrite’s IoT pitches on the company’s Vimeo page.

-In this Story-

Cellebrite, Internet of Things (IoT)