Network Investigative Technique Explained

Network Investigative Technique (NIT) is a form of malware (or hacking) employed by the FBI since at least 2002. It is a drive-by download computer program designed to provide access to a computer.

Controversies

Its usage has raised both Fourth Amendment concerns[1] and jurisdictional issues.[2] The FBI has to date, despite a court order, declined to provide the complete code[3] in a child sex abuse case involving the Tor anonymity network.[4] On May 12, 2016 Mozilla filed an amicus curiae brief inasmuch as the FBI's exploit against the Mozilla Firefox web browsers potentially puts millions of users at risk. It asked that the exploit be told to them before it is told to the defendant, thus raising Fifth Amendment issues as well.[5] Also, US District Judge Robert J. Bryan in Tacoma, Washington has ruled that while the defendant in United States v. Michaud has the right to review the code, the government also has the right to keep it secret (two other federal judges in related cases have ruled to suppress evidence found as a result of the NIT);[6] On May 25, 2016, however, he ruled that "For the reasons stated orally on the record, evidence of the NIT., the search warrant issued based on the NIT., and the fruits of that warrant should be excluded and should not be offered in evidence at trial..."[7]

In March 2017 the American Civil Liberties Union, Electronic Frontier Foundation, and the National Association of Criminal Defense Lawyers released a 188-page guide to enable meaningful 4th Amendment analysis.[8] In April a Minnesota judge ruled that the warrant was invalid from the moment it was signed, given that the FBI agent knew that it exceed the jurisdictional requirements of Rule 41. All evidence gathered after that warrant was served was hence the fruit of the poisonous tree.[9]

Examples of government deployed NITs

The ACLU and Privacy International successfully litigated (see [18-cv-1488]) the release of U.S. sealed court records that revealed details about a NIT deployed in 2016 on 23 separate onion services of the Tor (network).The sworn affidavit submitted by a Special Agent of the FBI (affidavit template formerly written by the NAIC) indicated the NIT had the following abilities: "The NIT will reveal to the government environmental variables and certain registry-type information that may assist in identifying the computer, its location, and the user of the computer...."

List of Government Operations

There is a growing list of government operations that are known to have used NITS.

See also

External links

Notes and References

  1. Visit the Wrong Website, and the FBI Could End Up in Your Computer . Wired . 2016-04-30 . Poulsen, Kevin . 2018-01-11 . https://web.archive.org/web/20180111024650/https://www.wired.com/2014/08/operation_torpedo/ . live .
  2. Web site: This Technicality Could Spoil the FBI's Dark Web Hacking Operations . Motherboard . 2016-04-21 . 2016-04-30 . Franceschi-Bicchierai, Lorenzo . 2016-04-24 . https://web.archive.org/web/20160424135009/http://motherboard.vice.com/read/this-technicality-could-spoil-the-fbis-dark-web-hacking-operations . live .
  3. Web site: The FBI must provide details on the network investigative technique used to hack more than 1000 computers in a case involving child pornography. . Security Affairs . 2016-02-22 . 2016-04-30 . Paganini, Pierluigi . 2024-07-29 . https://web.archive.org/web/20240729030808/https://securityaffairs.com/44687/cyber-crime/fbi-network-investigative-technique.html . live .
  4. Web site: FBI Refuses to Divulge How It Tracked Pedophiles on Tor . Gizmodo . 2016-03-30 . 2016-04-30 . Condliffe, Jamie . 2024-07-29 . https://web.archive.org/web/20240729030808/https://gizmodo.com/fbi-refuses-to-divulge-how-it-tracked-paedophiles-on-to-1767933079 . live .
  5. Web site: Mozilla Asks Court To Force FBI To Turn Over Information On Hacking Tool It Used In Child Porn Case: from the only-criminals-use-patched-browsers-amirite? dept . TechDirt . 2016-05-12 . 2016-05-12 . Cushing, Jim . 2016-05-12 . https://web.archive.org/web/20160512215651/https://www.techdirt.com/articles/20160512/07174834422/mozilla-asks-court-to-force-fbi-to-turn-over-information-hacking-tool-it-used-child-porn-case.shtml . live .
  6. Web site: Judge says suspect has right to review code that FBI has right to keep secret: At issue is Tor malware that enabled the FBI to bust child porn ring. . Ars Technica . 2016-05-19 . 2016-05-20 . Farivar, Cyrus . 2016-05-19 . https://web.archive.org/web/20160519222336/http://arstechnica.com/tech-policy/2016/05/judge-says-suspect-has-right-to-review-code-that-fbi-has-right-to-keep-secret/ . live .
  7. Web site: Once more, a judge rules against gov't in Tor-enabled child porn case: DOJ may appeal: "We are disappointed with the ruling and considering our options." . Ars Technica . 2016-05-25 . 2016-05-25 . Farivar, Cyrus . 2016-05-25 . https://web.archive.org/web/20160525235630/http://arstechnica.com/tech-policy/2016/05/once-more-a-judge-rules-against-govt-in-tor-enabled-child-porn-case/ . live .
  8. Web site: To fight Tor hack prosecutions, activist groups offer up legal help: Guide is intended to help level the legal playing field. . Farivar . Cyrus . 2017-03-30 . Ars Technica . 2017-03-30 . 2024-07-29 . https://web.archive.org/web/20240729030821/https://arstechnica.com//tech-policy/2017/03/to-fight-tor-hack-prosecutions-activist-groups-offer-up-legal-help/ . live .
  9. Web site: Judge Says FBI's NIT Warrant Invalid, Points Out FBI Agent Knew It Was Invalid When He Requested It . Cushing . Tim . TechDirt . 7 April 2017 . 2017-04-07 . 2017-04-08 . 2017-04-09 . https://web.archive.org/web/20170409113545/https://www.techdirt.com/articles/20170331/16305737053/judge-says-fbis-nit-warrant-invalid-points-out-fbi-agent-knew-it-was-invalid-when-he-requested-it.shtml . live .